Valid B2C-Commerce-Architect Dumps shared by ExamDiscuss.com for Helping Passing B2C-Commerce-Architect Exam! ExamDiscuss.com now offer the newest B2C-Commerce-Architect exam dumps, the ExamDiscuss.com B2C-Commerce-Architect exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com B2C-Commerce-Architect dumps with Test Engine here:
An Architect isperforming an audit of production logs via Log Center and finds some potentially dangerous custom log output. In which two ways It this log output Improper In a production environment? Choose 2 answers
Correct Answer: A,D
In a production environment, logging sensitive customer information such as credit card details (PAN, CVV, expiration date) can lead to severe security and compliance issues, specifically violating PCI DSS (Payment Card Industry Data Security Standard) requirements. The standards strictly prohibit the storage of CVV codes and mandate that any PAN displayed must be masked. Storing such data in logs is not only a risk for data breaches but also non-compliance with these standards can lead to penalties. * Option A: Including the customer's card name along with the full credit card number in logs is a clear violation of PCI DSS requirements, which stipulate that no more than the last four digits of the card number may be displayed. * Option B: Logging the card security code (CVV) and expiration date is explicitly prohibited by PCI DSS, which requires that sensitive authentication data, including CVV, must never be stored post- authentication, even if it is encrypted.
