NSE 6 – FortiWeb 6.1 — Question 24

What must you do with your FortiWeb logs to ensure PCI DSS compliance?

Answer options

• A. Store in an off-site location
• B. Erase them every two weeks
• C. Enable masking of sensitive data
• D. Compress them into a .zip file format

Correct answer: C

Explanation

The correct choice, C, is essential as PCI DSS requires that sensitive data be masked to protect it from unauthorized access. Options A and D do not address data protection requirements, while B contradicts compliance by advocating for data deletion instead of retention.