Which option correctly describes where logs for external-facing technologies should be written?

Centralized and secured logging is essential for external-facing technologies. Writing logs to a secure, centralized internal log server or media ensures visibility across all systems, enables effective monitoring and correlation of events, and supports timely incident response. It also protects log data with proper access controls, encryption, and retention policies, aligning with PCI DSS requirements for log integrity and availability. In contrast, keeping logs only on the device risks loss or tampering if the device fails or is replaced, and placing logs in a publicly accessible online repository exposes sensitive information and creates opportunities for tampering. Not collecting logs at all leaves you without the necessary visibility to detect and respond to incidents.