10.5 Secure audit trails so they cannot be altered. 10.5.1 Limit viewing of audit trails to those with a job-related need 10.5.2 Protect audit trail files from unauthorized modifications 10.5.3 Promptly back-up audit trail files to a centralized log server or media that is difficult to alter 10.5.4 Copy logs for wireless networks onto a log server on the internal LAN. 10.5.5 Use file integrity monitoring and change detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert).