Perimeter firewalls installed ______________________________. - ✔✔between all wireless networks and the CHD environment.
Where should firewalls be installed? - ✔✔At each Internet connection and between any DMZ and the internal network.
Review of firewall and router rule sets at least every __________________. - ✔✔6 months
If disk encryption is used - ✔✔logical access must be managed separately and independently of native operating system authentication and access control mechanisms
Manual clear-text key-management procedures specify processes for the use of the following: - ✔✔Split knowledge AND Dual control of keys
What is considered "Sensitive Authentication Data"? - ✔✔Card verification value
When a PAN is displayed to an employee who does NOT need to see the full PAN, the minimum digits to be masked are: All digits between the ___________ and the __________. - ✔✔first 6; last 4
Regarding protection of PAN... - ✔✔PAN must be rendered unreadable during transmission over public and wireless networks.
Under requirement 3.4, what method must be used to render the PAN unreadable? - ✔✔Hashing the entire PAN using strong cryptography
Weak security controls that should NOT be used - ✔✔WEP, SSL, and TLS 1.0 or earlier
Per requirement 5, anti-virus technology must be deployed _________________ - ✔✔on all system components commonly affected by malicious software.
Key functions for anti-virus program per Requirement 5: - ✔✔1) Detect
Using time-synchronization technology, synchronize all critical system clocks and times and ensure that the following is implemented for: - ✔✔acquiring, distributing, and storing time
All security events and logs of (a) all system components that store, process, or transmit CHD; (b) critical system components; (c) components that perform security functions (for example, firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), authentication servers, e-commerce redirection servers, etc.) are to be reviewed at least ______________. - ✔✔daily
Audit logs must be immediately available for analysis for a period of ________ and must be retained for a period of _________. - ✔✔3 months; 1 year
Detection and identification of authorized and unauthorized wireless access points must occur _________________. - ✔✔quarterly
Run internal and external network vulnerability scans at least ____________________ and after any significant change in the network. - ✔✔quarterly
External vulnerability scans must be run by ____________ and performed ________________. - ✔✔an ASV; quarterly
For external scans, no vulnerabilities may exist that are scored _____________ by the CVSS. - ✔✔4.0 or higher
Penetration testing for a "Service Provider" targeting segmentation controls must be performed every __________________. - ✔✔6 months
FIM tools must be configured to perform critical file comparison checks at least _______________. - ✔✔weekly
A retail location that does not use wireless devices in store must test for the presence of unauthorized wireless devices every ________________. - ✔✔quarter
Verify that personnel attend security awareness training upon hire and at least ___________________. - ✔✔annually
Appendix A1 applies to - ✔✔hosting providers
Appendix A2 applies to - ✔✔entities using SSL/Early TLS
Appendix A3 applies to - ✔✔Designated Entities Supplemental Validation (DESV). An entity is required to undergo an assessment according to this Appendix ONLY if instructed to do so by an acquirer or a payment brand.
Designated entities (DESV) must document and confirm the accuracy of PCI DSS scope at least _________ and upon significant changes to the in-scope environment. - ✔✔quarterly
Designated Entities (DESV) must ensure that pen tests are performed on "segmentation controls" every _________________, and after significant changes. - ✔✔6 months
With regard to DESV, user accounts and access privileges are reviewed at least every ______________. - ✔✔6 months
ASV scans must cover __________________________________. - ✔✔ALL Internet-facing IP addresses in existence at the entity.
Compensating controls need to be evaluated at least _________________. - ✔✔annually
Compensating controls requirement 1: - ✔✔Constraints
Compensating controls requirement 2: - ✔✔Objective