Where should logs for external-facing technologies be written?

Multiple Choice

Where should logs for external-facing technologies be written?

Explanation:

The key idea is that logs from systems exposed to the outside world must be collected in a secure, centralized place you control, so you can reliably monitor, protect, and investigate security events. Writing logs for external-facing technologies to a secure, centralized internal log server or media device provides protected, auditable storage with controlled access, integrity protections, and retention aligned with policy and regulatory requirements. This setup makes it possible to correlate events across systems, detect anomalies, and perform forensics if needed.

Logging to a public cloud bucket introduces external storage that may be harder to tightly control and audit, potentially creating gaps in protection and access management. Printing logs on paper is impractical for volume, searchability, and timely analysis, making it unsuitable for ongoing monitoring and incident response. Logging internal-facing systems only would miss the crucial need to capture events from external-facing technologies, which is precisely what needs to be monitored and retained.
