PCI ISA EXAM LATEST (100 REAL EXAM QUESTIONS AND CORRECT ANSWERS) For PCI DSS requirement 1, firewall and router rule sets need to be reviewed every _____________ months - ANSWER- 6 months Non-console administrator access to any web-based mana

PCI ISA EXAM LATEST (100 REAL EXAM QUESTIONS AND CORRECT ANSWERS) For PCI DSS requirement 1, firewall and router rule sets need to be reviewed every _____________ months - ANSWER- 6 months Non-console administrator access to any web-based management interfaces must be encrypted with technology such as......... - ANSWER- HTTPS Requirements 2.2.2 and 2.2.3 cover the use of secure services, protocols and daemons. Which of the following is considered to be secure? - ANSWER- SSH, TLS, IPSEC, VPN Which of the following is considered "Sensitive Authentication Data"? - ANSWER- Card Verification Value (CAV2/CVC2/CVV2/CID), Full Track Data, PIN/PIN Block True or False: It is acceptable for merchants to store Sensitive Authentication after authorization as long as it is strongly encrypted? - ANSWER- False When a PAN is displayed to an employee who does NOT need to see the full PAN, the minimum digits to be masked are: - ANSWER- All digits between the first six and last four Which of the following is true regarding protection of PAN? - ANSWER- PAN must be rendered unreadable during transmission over public, wireless networks Which of the following may be used to render PAN unreadable in order to meet requirement 3.4? - ANSWER- Hashing the entire PAN using strong cryptography, truncation, index tokens and pads with pads being securely stored, strong cryptography with associated key-management processes and procedures True or False Manual clear-text key-management procedures specify processes for the use of keys that are stored on production systems, use of split knowledge and dual control is required. - ANSWER- True