In order to be considered a compensating control, which of the following must exist?
A. A legitimate technical constraint and a documented business constraint.
B. A legitimate technical constraint.
C. A legitimate technical constraint or a documented business constraint.
D. A documented business constraint.
Correct Answer: C
PCI DSS Requirement 1
A. Install and maintain a firewall configuration to protect cardholder data
B. Do not use vendor-supplied defaults for system passwords and other security parameters
, PCIP PRACTICE LATEST
C. Protect stored cardholder data by enacting a formal data retention policy and implementing secure deletion methods
D. Protect cardholder data during transmission over the internet, wireless networks or other open access networks or systems (GSM, GPRS, etc.)
Correct Answer: A
PCI DSS Requirement 2
A. Install and maintain a firewall configuration to protect cardholder data
B. Do not use vendor-supplied defaults for system passwords and other security parameters
C. Protect stored cardholder data by enacting a formal data retention policy and implementing secure deletion methods
D. Protect cardholder data during transmission over the internet, wireless networks or other open access networks or systems (GSM, GPRS, etc.)
Correct Answer: B
PCI DSS Requirement 3
A. Install and maintain a firewall configuration to protect cardholder data
B. Do not use vendor-supplied defaults for system passwords and other security parameters
C. Protect stored cardholder data by enacting a formal data retention policy and implementing secure deletion