
PCI Requirement 10.2.6 – Initialization, Stopping, or Pausing of the Audit Logs
What Does the Initialization, Stopping, or Pausing of Audit Logs Indicate? Stopping or pausing audit logs prior to performing malicious activities is a common practice for users hoping to avoid detection, and initialization of audit logs could indicate that the log function was disabled by a user. This is why PCI Requirement 10.2.6 requires that audit trails can reconstruct the initialization, stopping, or pausing of audit logs. To demonstrate…



