100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
PCI-DSS ISA Exam Questions and Answers $12.99   Add to cart

Exam (elaborations)

PCI-DSS ISA Exam Questions and Answers

 3 views  0 purchase
  • Course
  • Pci
  • Institution
  • Pci

PCI-DSS ISA Exam Questions and Answers Perimeter firewalls installed ______________________________. between all wireless networks and the CHD environment. Where should firewalls be installed? At each Internet connection and between any DMZ and the internal network. Previous Pla...

[Show more]

Preview 2 out of 5  pages

  • October 31, 2024
  • 5
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • Pci
  • Pci
avatar-seller
Pogba119
PCI-DSS ISA Exam Questions and
Answers
Perimeter firewalls installed ______________________________. - answer between
all wireless networks and the CHD environment.

Where should firewalls be installed? - answer At each Internet connection and
between any DMZ and the internal network.

Review of firewall and router rule sets at least every __________________. - answer
6 months

If disk encryption is used - answer logical access must be managed separately and
independently of native operating system authentication and access control
mechanisms

Manual clear-text key-management procedures specify processes for the use of the
following: - answer Split knowledge AND Dual control of keys

What is considered "Sensitive Authentication Data"? - answer Card verification value

When a PAN is displayed to an employee who does NOT need to see the full PAN, the
minimum digits to be masked are: All digits between the ___________ and the
__________. - answer first 6; last 4

Regarding protection of PAN... - answer PAN must be rendered unreadable during
the transmission over public and wireless networks.

Under requirement 3.4, what method must be used to render the PAN unreadable? -
answer Hashing the entire PAN using strong cryptography

Weak security controls that should NOT be used - answer WEP, SSL, and TLS 1.0
or earlier

Per requirement 5, anti-virus technology must be deployed_________________ -
answer on all system components commonly affected by malicious software.

Key functions for anti-vius program per Requirement 5: - answer 1) Detect
2) Remove
3) Protect

Anti-virus solutions may be temporarily disabled only if - answer there is legitimate
technical need, as authorized by management on a case-by-case basis

, When to install "critical" applicable vendor-supplied security patches? ---> within
_________ of release. - answer 1 month

When to install applicable vendor-supplied security patches? - answer within an
appropriate time frame (for example, within three months).

When assessing requirement 6.5, testing to verify secure coding techniques are in place
to address common coding vulnerabilities includes: - answer Reviewing software
development policies and procedures

Requirements 7 restricted access controls by: - answer Need-to-know and least
privilege

Inactive accounts over _____________days need to be removed or disabled. - answer
90 days

To verify user access termination policy, an ISA need to select a sample of user
terminated in the past _______________ months, and review current user access lists
—for both local and remote access—to verify that their IDs have been deactivated or
removed from the access lists. - answer 6 months

How many logon attempts should be allowed until resulting temporarily account locked-
out? - answer 6 attempts

Once user account is locked-out, it will remain locked for a minimum of
________________________ or until a system administrator resets the account. -
answer 30 minutes

System/session idle time out must be set to_________ minutes or less. - answer 15
minutes

What are the methods to authenticate users? - answer - "Something you know",
such as a password or passphrase
- "Something you have", such as a token device or smart card, or
- "Something you are", such as a biometric.

Where passwords or pass-phrases are used, they must be at least _______ characters
long and contain both numeric and alphabetic characters. - answer 7

Passwords must be changed at least once every__________________. - answer 90
days

Password history must also be in place to ensure that users' ________ previous
passwords can't be re-used. - answer 4

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Pogba119. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $12.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

66579 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$12.99
  • (0)
  Add to cart