CCC.AuditLog.C08: Enable Object Lock On Audit Log Bucket
Control ID:CCC.AuditLog.C08
Title:Enable Object Lock On Audit Log Bucket
Objective:Ensure that object log is enabled globally on all objects with the bucket.
The lock time MUST be configured to meet your organization, legal and compliance goals.
Deletion attempts before the lock period MUST be denied.
Control Family:
Availability
Related Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.Core.TH07 | Logs are Tampered With or Deleted | Tampering or deletion of service logs will reduce the system's ability to maintain an accurate record of events. Any actions that compromise the integrity of logs could disrupt system availability by disrupting monitoring, hindering forensic investigations, and reducing the accuracy of audit trails. | 1 | 1 | 0 |
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.F03 | Access Log Publication | The service automatically publishes structured, verbose records of activities performed within the scope of the service by external actors. |
| CCC.Core.F10 | Log Publication | The service automatically publishes structured, verbose records of activities, operations, or events that occur within the service. |