Salesforce Certified Identity and Access Management Practice

Why are audit logs important for identity management?

• A. They help in increasing data storage
• B. They provide a historical record of user access and activities
• C. They serve as performance metrics for applications
• D. They assist in creating new user profiles

The correct answer is: They provide a historical record of user access and activities

Audit logs are crucial for identity management because they provide a historical record of user access and activities. This historical record allows organizations to track who accessed what resources, when, and what actions were taken. Such information is invaluable for several reasons: - **Security**: By maintaining detailed logs, organizations can detect unauthorized access attempts or unusual behavior, enabling them to respond to potential security threats effectively. - **Compliance**: Many industries are subject to regulations requiring them to monitor access to sensitive data. Audit logs help organizations demonstrate compliance by providing evidence that access controls are in place and being enforced. - **Forensic Analysis**: In the event of a security breach, audit logs serve as a vital resource for forensic analysis. They can help identify how a breach occurred, what data was accessed, and whether any data was modified or exfiltrated. - **User Activity Monitoring**: Organizations can assess user behavior over time to ensure that users adhere to their access privileges and that no suspicious activities take place. In contrast, the other options do not accurately reflect the primary function of audit logs in identity management. Increasing data storage is not a goal of audit logs; performance metrics relate to application efficiency rather than user access, and creating new user profiles does not involve audit