Which of the following file types must be monitored by a change-detection mechanism (for example, a file-integrity monitoring tool)?
Which statement is true regarding the presence of both hashed and truncated versions of the same PAN in an environment?
Which of the following file types must be monitored by a change-detection mechanism (e.g., a file-integrity monitoring tool)?
According to the glossary, “bespoke and custom software” describes which type of software?
An organization wishes to implement multi-factor authentication for remote access, using the user's individual password and a digital certificate. Which of the following scenarios would meet PCI DSS requirements for multi-factor authentication?
Which of the following describes “stateful responses” to communication initiated by a trusted network?
A “Partial Assessment” is a new assessment result. What is a “Partial Assessment”?
PCI DSS Requirement 12.7 requires screening and background checks for which of the following?
At which step in the payment transaction process does the merchant's bank pay the merchant for the purchase, and the cardholder's bank bill the cardholder?
If disk encryption is used to protect account data, what requirement should be met for the disk encryption solution?
What must be included in an organization's procedures for managing visitors?
An internal NTP server that provides time services to the Cardholder Data Environment is?
Which of the following is a requirement for multi-tenant service providers?
In the ROC Reporting Template, which of the following is the best approach for a response where the requirement was “In Place”?
Which statement is true regarding the use of intrusion detection techniques, such as intrusion detection systems and/or intrusion protection systems (IDS/IPS)?