Which PCI DSS requirement falls under the goal of 'Protect Cardholder Data'?

Answer options:

Install and maintain a firewall configuration.

Encrypt transmission of cardholder data across open, public networks.

Use and regularly update anti-virus software.

Restrict access to cardholder data by business need to know.

How to approach this question

Map the specific control to the 6 high-level goals of PCI DSS.

Full Answer

B.Encrypt transmission of cardholder data across open, public networks.✓ Correct

The goal 'Protect Cardholder Data' includes Requirement 3 (Protect stored cardholder data) and Requirement 4 (Encrypt transmission of cardholder data across open, public networks).

Common mistakes

Mixing up the 6 goals.

Question 32 All questions Question 34

Practice the full CPA ISC Practice Exam 5

82 questions · hints · full answers · grading

More questions from this exam

Q01A service organization provides a cloud-based payroll processing application to its user entities...Medium Q02An auditor is reviewing the shared responsibility model for a client using an Infrastructure as a...Hard Q03A financial institution requires a cloud deployment model that offers the highest level of contro...Medium Q04During an IT audit, you observe that a company uses a 'Hybrid Cloud' architecture. Which scenario...Medium Q05Which component of IT architecture is primarily responsible for translating domain names (like ww...Easy

View all 82 questions →