PCI-DSS ISA Exam Questions And Accurate Answers
New Update
Perimeter firewalls must be installed ______________________________. - Answer between all
wireless networks and the cardholder data environment (CDE).
Where must firewalls be installed? - Answer At every Internet connection and between any DMZ
and the internal network.
Firewall and router rule sets must be reviewed ______________________________. - Answer at least
every six months.
If disk encryption is used - Answer logical access must be managed separately and
independently of the native operating system's authentication and access control
mechanisms (decryption keys must not be tied to user accounts).
Manual clear-text cryptographic key-management procedures must specify processes for the use of the
following: - Answer split knowledge AND dual control of keys
Which of the following is considered "Sensitive Authentication Data"? - Answer Card verification
value (CAV2/CVC2/CVV2/CID); full track data and PINs/PIN blocks are also SAD.
When a PAN is displayed to an employee who does NOT need to see the full PAN, the
minimum digits to be masked are: All digits between the ___________ and the __________. -
Answer first 6; last 4
Protection of PAN. - Answer PAN must be rendered unreadable anywhere it is stored (Requirement 3.4)
and encrypted with strong cryptography whenever it is transmitted over open, public networks,
including wireless networks (Requirement 4.1).
What does Requirement 3.4 require in order to render the PAN unreadable? - Answer A one-way hash of
the entire PAN based on strong cryptography (the other accepted methods are truncation, index
tokens and pads, or strong cryptography with associated key-management processes). Truncated and
hashed versions of the same PAN must not both be present where they could be correlated to
reconstruct the original PAN.
Poor security controls that should NOT be used - Answer WEP, SSL (all versions) and early TLS
(TLS 1.0) are not considered strong cryptography; use TLS 1.1 or higher, preferably TLS 1.2.
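The masking rule (first six, last four visible) and the one-way-hash option in 3.4 interact: a masked PAN leaks all but the middle digits, so an attacker who also holds an unkeyed hash of the full PAN can brute-force the rest. The following is an added example, not part of the exam material; it uses the well-known Visa test number as a constructed input, and `recover_pan`, `mask_pan` and `demo` are names chosen here for illustration. It shows the 3.3 masking function, the correlation attack against a bare SHA-256, and a keyed HMAC as the mitigation.

```python
import hashlib
import hmac
import itertools
import secrets
from typing import Callable, Optional

# Constructed input: a well-known Visa *test* number, not a real cardholder's PAN.
TEST_PAN = "4111111111111111"


def luhn_valid(pan: str) -> bool:
    """Return True if the digit string passes the Luhn check that PANs must satisfy."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:            # every second digit from the right is doubled
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Req 3.3 display masking: at most the first six and last four digits visible."""
    if not pan.isdigit() or not 13 <= len(pan) <= 19:
        raise ValueError("PAN must be 13 to 19 digits")
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def hash_pan_unkeyed(pan: str) -> str:
    """SHA-256 of the full PAN with no secret: a strong hash, but weak protection."""
    return hashlib.sha256(pan.encode()).hexdigest()


def hash_pan_keyed(pan: str, key: bytes) -> str:
    """HMAC-SHA256 under a secret key (the key itself is managed per Req 3.5/3.6)."""
    return hmac.new(key, pan.encode(), hashlib.sha256).hexdigest()


def recover_pan(masked: str, target: str,
                hasher: Callable[[str], str] = hash_pan_unkeyed) -> Optional[str]:
    """Reconstruct a PAN from its masked form plus a hash of the full PAN.

    The mask leaks the BIN (first six) and the last four, so only the middle
    digits are unknown; the Luhn check discards ~90% of candidates before hashing.
    """
    first6, last4 = masked[:6], masked[-4:]
    hidden = len(masked) - 10
    for digits in itertools.product("0123456789", repeat=hidden):
        candidate = first6 + "".join(digits) + last4
        if luhn_valid(candidate) and hasher(candidate) == target:
            return candidate
    return None


def demo() -> dict:
    """Run the correlation attack against the unkeyed hash, then show the keyed form."""
    masked = mask_pan(TEST_PAN)
    unkeyed = hash_pan_unkeyed(TEST_PAN)
    # Stand-in for a key issued by the key-management system; an attacker
    # without it cannot compute candidate hashes at all.
    key = secrets.token_bytes(32)
    keyed = hash_pan_keyed(TEST_PAN, key)
    return {
        "masked": masked,
        "recovered_from_unkeyed": recover_pan(masked, unkeyed),
        "keyed_differs": keyed != unkeyed,
        "keyed_verifies": hmac.compare_digest(keyed, hash_pan_keyed(TEST_PAN, key)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

With a 16-digit PAN the search space behind the mask is only a million strings, about a hundred thousand after Luhn, so the unkeyed hash falls in well under a minute on a laptop. That is why 3.4 warns against holding truncated and hashed forms of the same PAN together, and why a hash intended as a PAN surrogate should be keyed (or salted with a secret) rather than a bare digest.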
Requirement 5 requires anti-virus software to be deployed on _______________________. -
Answer all systems commonly affected by malicious software (particularly personal computers and servers).
Key functions of an anti-virus programme per Requirement 5: - Answer 1) Detect
2) Remove
3) Protect against all known types of malicious software
Anti-virus solutions may be disabled or altered for a limited time period only when there is a -
Answer legitimate technical need, specifically authorized by management on a case-by-case
basis.
When to install "critical" applicable vendor-supplied security patches? ---> within
_________ of release. - Answer 1 month
When to install applicable vendor-supplied security patches? - Answer within an
appropriate time frame for example, within three months.
Testing requirement 6.5, to determine whether secure coding techniques are in
place to address common coding vulnerabilities, includes: - Answer examining software
development policies and procedures.
Requirement 7 restricts access to cardholder data based on: - Answer need-to-know and least
privilege
Accounts that have been inactive for over _____________days should be deleted or
disabled. - Answer 90 days
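An ISA checking this control usually works from a directory export rather than by hand. The following is an added example, not part of the exam material: a constructed list of accounts (`SAMPLE_ACCOUNTS`, invented names and dates) and an `inactive_accounts` function, both chosen here for illustration, that flags anything without activity inside the 90-day window. Accounts that have never logged in are measured from their creation date, so a provisioned-but-unused account does not slip through because its last-login field is empty.

```python
from datetime import date, timedelta
from typing import List, NamedTuple, Optional

INACTIVITY_LIMIT = timedelta(days=90)   # Req 8.1.4 threshold
REVIEW_DATE = date(2024, 6, 1)          # constructed "as of" date for the review


class Account(NamedTuple):
    name: str
    created: date
    last_login: Optional[date]          # None = never logged in


# Constructed sample directory export; names and dates are invented.
SAMPLE_ACCOUNTS = [
    Account("alice",      date(2023, 1, 10), date(2024, 5, 20)),
    Account("bob",        date(2023, 1, 10), date(2024, 1, 15)),
    Account("svc-backup", date(2022, 6, 1),  None),
    Account("newhire",    date(2024, 5, 1),  None),
]


def inactive_accounts(accounts: List[Account], as_of: date,
                      limit: timedelta = INACTIVITY_LIMIT) -> List[str]:
    """Return names of accounts whose last activity is older than `limit`.

    A never-used account counts from its creation date, so a dormant
    provisioned account is still reported.
    """
    stale = []
    for acct in accounts:
        last_activity = acct.last_login or acct.created
        if as_of - last_activity > limit:
            stale.append(acct.name)
    return stale


def demo() -> List[str]:
    """Accounts to disable or delete as of the review date."""
    return inactive_accounts(SAMPLE_ACCOUNTS, REVIEW_DATE)


if __name__ == "__main__":
    print("disable/delete:", demo())
```

The output is the sample the ISA then traces back to the termination and review procedures; an account listed here that is still enabled is the finding.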
To verify the user access termination policy, an ISA needs to select a sample of user