PCI DSS 3.2.1 Test Questions | 100% Correct Answers | Verified | Latest 2024 Version

Which of the following does not belong? The following events should be included in automated audit trails for all system component: -Individual access to cardholder data -Creation and deletion of system-level objects -Invalid logical access attempts -Actions taken by user with root or administrative privileges -Changes, additions, or deletions to any account with root or administrative privileges -Audit trail access -Use of identification and authentication mechanisms -Elevation of privileges -Initialization of audit logs -Stopping or pausing of audit logs - All of these should be included. (Requirement 10.2.1 - 10.2.7) Which of the following does not belong? The following audit trail entries should be recorded for each event: -User identification -Type of event -Date and time -Success or failure -Origination of event -Identity of name of affected data, system component, or resource -Initializing, stopping, or pausing of audit logs - Initializing, stopping, or pausing of audit logs - this choice is part of what should be included in audit logs (10.2)