PCI ISA Questions and Answers with Certified Solutions

Document Content and Description Below

PCI ISA Questions and Answers with Certified Solutions For PCI DSS requirement 1, firewall and router rule sets need to be reviewed every _____________ months ✔✔6 months Non-console administra... tor access to any web-based management interfaces must be encrypted with technology such as......... ✔✔HTTPS Requirements 2.2.2 and 2.2.3 cover the use of secure services, protocols and daemons. Which of the following is considered to be secure? ✔✔SSH Which of the following is considered "Sensitive Authentication Data"? ✔✔Card Verification Value (CAV2/CVC2/CVV2/CID), Full Track Data, PIN/PIN Block True or False: It is acceptable for merchants to store Sensitive Authentication after authorization as long as it is strongly encrypted? ✔✔False When a PAN is displayed to an employee who does NOT need to see the full PAN, the minimum digits to be masked are: ✔✔All digits between the first six and last four Which of the following is true regarding protection of PAN? ✔✔PAN must be rendered unreadable during transmission over public, wireless networks Which of the following may be used to render PAN unreadable in order to meet requirement 3.4? ✔✔Hashing the entire PAN using strong cryptography True or False Where keys are stored on production systems, split knowledge and dual control is required? ✔✔True When assessing requirement 6.5, testing to verify secure coding techniques are in place to address common coding vulnerabilities includes: ✔✔Reviewing software development policies and procedures One of the principles to be used when granting user access to systems in CDE is: ✔✔Least privilege An example of a "one-way" cryptographic function used to render data unreadable is: ✔✔SHA-2 A set of cryptographic hash functions designe [Show More]

Last updated: 2 years ago

Preview 1 out of 18 pages

Buy Now

Instant download

We Accept: