when and how should activity auditing and server logging be implemented? group of answer choices always, with full debugging enabled, to persist all requests for later analysis always, but with sensitive data removed, and integrity controls enforced no server logging should be implemented, only client logging to ensure privacy