PCI-DSS ISA Exam | 81 Correct Questions And Answers Latest Updated 2022.

30. Verify that the storage location security is reviewed at least to confirm that backup media storage is secure.: - annually 31. Review media inventory logs to verify that logs are maintained and media inventories are performed at least .: annually 32. Using time-synchronization technology, synchronize all critical system clocks and times and ensure that the following is implemented for:: acquiring, distributing, and storing time 33. All security events and logs of (a) all system components that store, process, or transmit CHD; (b) critical system components; (c) components that perform security functions (for example, firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), authentication servers, e-commerce redirection servers, etc.) to be reviewed at least .: daily 34. Audit logs must be immediately available for analysis for a period of and must be retained for a period of .: 3 months; 1 year 35. Detection and identification of authorized and unauthorized wireless access points must occur .: quarterly 36. Run internal and external network vulnerability scans at least and after any significant change in the network: - quarterly 37. "External" vulnerability scans must be run by and perform .: an ASV; quarterly 38. For external scans, no vulnerabilities exist that are scored by the CVSS.: 4.0 or higher 39. Penetration testing for "Service Provider" in which targeting segmentation controls must be perform every .: 6 months 40. FIM tools must be configured to perform critical file comparisons check at least ,: weekly 41. A retail location that does not use wireless devices in store must test for the presence of unauthorized wireless devices every .: - quarter 42. Verify that personnel attend security awareness training upon hire and at least .: annually