Audit Log Access Control:
PCI DSS Requirement 10.7 restricts access to audit logs to individuals with a job-related need to
protect the integrity and confidentiality of the logs.
Rationale for Job-Related Need:
Limiting access reduces the risk of tampering, accidental modification, or exposure of sensitive
information.
Invalid Options:
A: Individuals who performed the activity should not necessarily view logs unless required.
B/C: Read/write access or administrator privileges are not prerequisites for log viewing.
