PCI ISA Flashcards 3.2.1 In-class activity
For PCI DSS requirement 1, firewall and router rule sets need to be reviewed every _____________ months
Answer: 6 months

Non-console administrator access to any web-based management interfaces must be encrypted with technology such as ...
Answer: HTTPS

Requirements 2.2.2 and 2.2.3 cover the use of secure services, protocols and daemons. Which of the following is considered to be secure?
Answer: SSH

Which of the following is considered "Sensitive Authentication Data"?
Answer: Card Verification Value (CAV2/CVC2/CVV2/CID), Full Track Data, PIN/PIN Block

True or False: It is acceptable for merchants to store Sensitive Authentication Data after authorization as long as it is strongly encrypted?
Answer: False

When a PAN is displayed to an employee who does NOT need to see the full PAN, the minimum digits to be masked are:
Answer: All digits between the first six and last four

Which of the following is true regarding protection of PAN?
Answer: PAN must be rendered unreadable during transmission over public, wireless networks

Which of the following may be used to render PAN unreadable in order to meet requirement 3.4?
Answer: Hashing the entire PAN using strong cryptography

True or False: Where keys are stored on production systems, split knowledge and dual control is required?
Answer: True

When assessing requirement 6.5, testing to verify secure coding techniques are in place to address common coding vulnerabilities includes:
Answer: Reviewing software development policies and procedures

One of the principles to be used when granting user access to systems in CDE is:
Answer: Least privilege

An example of a "one-way" cryptographic function used to render data unreadable is:
Answer: SHA-2

A
Written for
- Institution: PCI ISA Flashcards 3.2.1
- Course: PCI ISA Flashcards 3.2.1
Document information
- Uploaded on: October 31, 2023
- Number of pages: 7
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers