PCI Compliance Exam
PCI - answer Payment Card Industry; includes businesses associated with credit, debit,
and other payment cards
PCI Security Standards Council was founded by - answer Five major card brands -
American Express, Discover Financial Services, JCB International, MasterCard
Worldwide, and Visa Inc
PCI Security Standards Council - answer an open global forum, responsible for the
development, management, education, and awareness of PCI security standards
DSS - answer Data Security Standards; developed by the PCI Council to help prevent
unauthorized access to cardholders' sensitive banking information; set out security
management requirements and processes for all businesses that work with or process
payment card transactions; the standards also apply to all businesses that store, process,
or transmit account data and sensitive authentication data, such as card security codes;
merchants that fail to comply with the standards may be fined or prohibited from
accepting credit or debit card transactions
What did the Unisys Security Index survey find? - answer Found that many Americans fear
credit and debit card fraud; the concern is greater than that of terrorism, computer and
health viruses, and fear for their personal safety; for payment cards to remain viable,
customers have to feel that their cards and information are secure, and that the
merchants with which they do business will protect this information
PCI Compliance - answer Protecting the security of customers' credit and debit card
information is vital for your business; a breach of security can result in identity theft,
fraud, and other crimes, as well as impact your company's reputation, and even your job
Payment Card Industry Data Security Standards - answer were put in place to help
prevent unauthorized access to cardholders' sensitive financial information
Data Security Standards - answer American Express, Discover Financial Services, JCB
International, MasterCard, VISA; the five founding payment card brands have agreed to
incorporate the PCI DSS as the technical requirements of each of their data security
compliance programs; worldwide, businesses that accept payment cards or manage data
associated with these branded cards are expected to adhere to these standards;
merchants that accept card payments at cash registers, over the phone, or from an
e-commerce site are required to follow the PCI DSS; the security requirements also apply
to the "back-office" processing of invoices, receipts, and order fulfillment requests,
including the computers and networks involved in the processing
DSS include 12 standards, which are associated with six security principles - answer
* build and maintain a secure network and systems
* protect cardholder data
* maintain a vulnerability management program
* implement strong access control measures
* regularly monitor and test networks
* maintain an information security policy
Secure network and systems - answer Building and maintaining a secure network
involves using strict network access controls to prevent unauthorized people from
gaining virtual access to account data. This includes issuing strict password controls,
strong routing and firewall protections, wireless and mobile security, and anti-malware
programs.
Standards:
1. Install and maintain a firewall and router configuration to protect account data.
2. Don't use vendor-supplied defaults for system passwords and other security
parameters.
Cardholder data - answer To protect cardholder data, merchants should store account
data only when absolutely necessary and should never store sensitive authentication
data, such as card security codes or PINs, after authorization. The stored data should
then be secured via policies, encryption, and other access control measures.
Personnel must have a legitimate business need to view more than the first six digits or
last four digits of a unique payment card number that identifies the issuer and the
particular account.
Similarly, if card data is transmitted across networks, strong authentication and
encryption policies are required. For instance, you should never send unprotected
account numbers via unsecured channels such as e-mail, instant messaging, SMS or
text messaging, or using an online chat function.
Standards:
3. Protect stored account data
4. Encrypt transmission of account data across open, public networks
Access control measures - answer To implement strong access control measures,
merchants should ensure that only those who have a business need work directly with
account data. Physical access should be limited through the use of locks, visitor logs,
security authorization for people entering areas where account data is being processed,
and other security measures.
To protect electronic access to this information, merchants should also implement
strong authentication methods, and each person with computer access should have a
unique ID. Also, users should select strong, unique passwords that are changed at least
once every 90 days. Merchants should use multi-factor authentication for all individual
non-console administrative access and all remote access to the people, processes, and
technology that store, process, or transmit cardholder data or sensitive authentication
data.
Standards: