1. Perimeter firewalls installed ____: between all wireless networks and the CHD environment.
2. Where should firewalls be installed?: At each Internet connection and between any DMZ and the internal network.
3. Review of firewall and router rule sets at least every ____: 6 months
4. If disk encryption is used: logical access must be managed separately and independently of native operating system authentication and access control mechanisms
5. Manual clear-text key-management procedures specify processes for the use of the following:: Split knowledge AND Dual control of keys
6. What is considered "Sensitive Authentication Data"?: Card verification value
7. When a PAN is displayed to an employee who does NOT need to see the full PAN, the minimum digits to be masked are: All digits between the ____ and the ____: first 6; last 4
8. Regarding protection of PAN...: PAN must be rendered unreadable during the transmission over public and wireless networks.
9. Under requirement 3.4, what method must be used to render the PAN unreadable?: Hashing the entire PAN using strong cryptography
10. Weak security controls that should NOT be used: WEP, SSL, and TLS 1.0 or earlier
11. Per requirement 5, anti-virus technology must be deployed: on all system components commonly affected by malicious software.
12. Key functions for anti-virus program per Requirement 5:: 1) Detect
2) Remove
3) Protect
13. Anti-virus solutions may be temporarily disabled only if: there is legitimate technical need, as authorized by management on a case-by-case basis
14. When to install "critical" applicable vendor-supplied security patches? Within ____ of release: 1 month
15. When to install applicable vendor-supplied security patches?: within an appropriate time frame (for example, within three months).