
PCI ISA Test Prep 100% Correct Answers Verified Latest 2024 Version

  • July 3, 2024
  • 6
  • 2023/2024
QSAs must retain work papers for a minimum of _______ years. It is a recommendation for ISAs to do
the same. - ✔✔3



According to PCI DSS requirement 1, Firewall and router rule sets need to be reviewed every _____
months. - ✔✔6



At least ______________ and prior to the annual assessment the assessed entity:



- Identifies all locations and flows of cardholder data to verify they are included in the CDE

- Confirms the accuracy of their PCI DSS scope

- Retains their scoping documentation for assessor reference - ✔✔annually



Scope includes - ✔✔people, process, tech



Evidence Retention

It is recommended that the ISA secure and maintain digital and/or hard copies of case logs, audit results
and work papers, notes, and any technical information that was created and/or obtained during the PCI
Data Security Assessment for a minimum of ________ or as applicable to company data retention
policies - ✔✔of three (3) years



A (time) ______ process for identifying and securely deleting stored cardholder data that exceeds
defined retention requirements. - ✔✔quarterly



Do not store SAD after ____________ (even if encrypted). (track data / cvc / pin) - ✔✔authorization



Manual clear-text key-management procedures specify processes for the use of the following - ✔✔Split knowledge, Dual control

Dual control - ✔✔at least two people are required to perform any key-management operations and no one
person has access to the authentication materials (for example, passwords or keys) of another



Split knowledge - ✔✔key components are under the control of at least two people who only have
knowledge of their own key components



PAN is rendered unreadable in which ways - ✔✔hash, mask, encrypt, pad



Ensure that all system components and software are protected from known vulnerabilities by installing
applicable vendor-supplied security patches. Install critical security patches within _____ of release. -
✔✔one month



Installation of all applicable vendor-supplied security patches within an ___________________ -
✔✔appropriate time frame (for example, within three months)



Makes sure change control has these 4 things - ✔✔impact, testing (PCI review), backout, approval



Train developers at least ________ in up-to-date secure coding techniques, including how to avoid
common coding vulnerabilities, and understanding how sensitive data is handled in memory. -
✔✔annually



Reviewing public-facing web applications via manual or automated application vulnerability security
assessment tools or methods, at least ___________________
