PCI DSS ISA STUDY GUIDE
(REQUIREMENTS) QUESTIONS WITH
100% SOLVED ANSWERS!!
1 of 49
Term
Unprotected PANs can be sent via end-user messaging
technologies.
Give this one a try later!
False True.
True False.
, Don't know?
2 of 49
Definition
Encrypt transmission of cardholder data across open, public
networks
Give this one a try later!
Requirement 3 Requirement 5
Requirement 2 Requirement 4
Don't know?
3 of 49
Term
What must a network diagram include?
Give this one a try later!
Only internal network connections, All external connections, ignoring
excluding wireless networks. cardholder data links.
, All connections to Only wired connections to the
cardholder data, including internet, omitting any wireless data
any wireless networks. paths.
Don't know?
4 of 49
Term
Wireless networks transmitting cardholder data or connected to the
cardholder data environment must use what?
Give this one a try later!
Legacy methods (WEP) for Public keys (RSA) for general data
minimal encryption. transmission.
Industry best practices (IEEE
802.11i) to implement strong Standard protocols (IEEE 802.11a)
encryption for authentication for basic authentication.
and transmission.
Don't know?
5 of 49
Term
Besides technologies, what else is considered in scope?
, Give this one a try later!
People and Processes People and Hardware
Hardware and Software Software and People
Don't know?
6 of 49
Term
What firewall and router configurations need to be examined?
Give this one a try later!
A formal process for testing and approval of all:
Network connections and changes to firewall and router configurations.
1. Build and Maintain a Secure Network and Systems.
2.Protect Cardholder Data.
3. Maintain a Vulnerability Management Program.
4. Implement Strong Access Control Measures.
5. Regularly Monitor and Test Networks.
6.Maintain an Information Security Policy.
the choke router at the internet
the DMZ router and firewall
the DMZ cardholder segment
the perimeter router
the internal cardholder network segment
(REQUIREMENTS) QUESTIONS WITH
100% SOLVED ANSWERS!!
1 of 49
Term
Unprotected PANs can be sent via end-user messaging
technologies.
Give this one a try later!
False True.
True False.
, Don't know?
2 of 49
Definition
Encrypt transmission of cardholder data across open, public
networks
Give this one a try later!
Requirement 3 Requirement 5
Requirement 2 Requirement 4
Don't know?
3 of 49
Term
What must a network diagram include?
Give this one a try later!
Only internal network connections, All external connections, ignoring
excluding wireless networks. cardholder data links.
, All connections to Only wired connections to the
cardholder data, including internet, omitting any wireless data
any wireless networks. paths.
Don't know?
4 of 49
Term
Wireless networks transmitting cardholder data or connected to the
cardholder data environment must use what?
Give this one a try later!
Legacy methods (WEP) for Public keys (RSA) for general data
minimal encryption. transmission.
Industry best practices (IEEE
802.11i) to implement strong Standard protocols (IEEE 802.11a)
encryption for authentication for basic authentication.
and transmission.
Don't know?
5 of 49
Term
Besides technologies, what else is considered in scope?
, Give this one a try later!
People and Processes People and Hardware
Hardware and Software Software and People
Don't know?
6 of 49
Term
What firewall and router configurations need to be examined?
Give this one a try later!
A formal process for testing and approval of all:
Network connections and changes to firewall and router configurations.
1. Build and Maintain a Secure Network and Systems.
2.Protect Cardholder Data.
3. Maintain a Vulnerability Management Program.
4. Implement Strong Access Control Measures.
5. Regularly Monitor and Test Networks.
6.Maintain an Information Security Policy.
the choke router at the internet
the DMZ router and firewall
the DMZ cardholder segment
the perimeter router
the internal cardholder network segment
