ExpertHard1 markMultiple Choice
CPA · Question 33 · Area II: Security
Which PCI DSS requirement falls under the goal of 'Protect Cardholder Data'?
Which PCI DSS requirement falls under the goal of 'Protect Cardholder Data'?
Answer options:
A.
Install and maintain a firewall configuration.
B.
Encrypt transmission of cardholder data across open, public networks.
C.
Use and regularly update anti-virus software.
D.
Restrict access to cardholder data by business need to know.
How to approach this question
Map the specific control to the 6 high-level goals of PCI DSS.
Full Answer
B.Encrypt transmission of cardholder data across open, public networks.✓ Correct
Encrypt transmission of cardholder data across open, public networks.
The goal 'Protect Cardholder Data' includes Requirement 3 (Protect stored cardholder data) and Requirement 4 (Encrypt transmission of cardholder data across open, public networks).
Common mistakes
Mixing up the 6 goals.
Practice the full CPA ISC Practice Exam 5
82 questions · hints · full answers · grading
More questions from this exam
Q01A service organization provides a cloud-based payroll processing application to its user entities...MediumQ02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...HardQ03A financial institution requires a cloud deployment model that offers the highest level of contro...MediumQ04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...MediumQ05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy