
PCI SSC Assessor_New_V4 - Assessor_New_V4 Exam

Total 60 questions

Which of the following describes "stateful responses" to communication initiated by a trusted network?

A.

Administrative access to respond to requests to change the firewall is limited to one individual at a time

B.

Active network connections are tracked so that invalid "response" traffic can be identified.

C.

A current baseline of application configurations is maintained and any mis-configuration is responded to promptly

D.

Logs of user activity on the firewall are correlated to identify and respond to suspicious behavior
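Option B is the stateful-inspection behaviour PCI DSS Requirement 1 has in mind: the network security control remembers connections initiated from the trusted network and only admits inbound packets that answer one of them, so a forged or unsolicited "response" is dropped. The Go program below is an added example written for this page, not code from PCI SSC or from any firewall product. It is a minimal connection tracker over constructed TCP segments; the trusted range 10.0.0.0/8, the sample trace and the two state names are assumptions for the demonstration.

```go
package main

import (
	"fmt"
	"net"
)

// Packet is a constructed, minimal view of a TCP segment: the 5-tuple plus the
// flags a stateful filter acts on. Sample data for this example, not a parser.
type Packet struct {
	SrcIP, DstIP       string
	SrcPort, DstPort   uint16
	SYN, ACK, FIN, RST bool
}

// flowKey identifies a connection by the tuple of its initiating direction.
type flowKey struct {
	srcIP, dstIP     string
	srcPort, dstPort uint16
}

func (p Packet) key() flowKey        { return flowKey{p.SrcIP, p.DstIP, p.SrcPort, p.DstPort} }
func (p Packet) reverseKey() flowKey { return flowKey{p.DstIP, p.SrcIP, p.DstPort, p.SrcPort} }

type Verdict struct {
	Allow  bool
	Reason string
}

// StatefulFilter tracks connections opened from the trusted network and only
// admits inbound traffic that is a response to one of them.
type StatefulFilter struct {
	trusted *net.IPNet
	conns   map[flowKey]string // keyed by the outbound tuple; value is the state
}

func NewStatefulFilter(trustedCIDR string) (*StatefulFilter, error) {
	_, ipnet, err := net.ParseCIDR(trustedCIDR)
	if err != nil {
		return nil, err
	}
	return &StatefulFilter{trusted: ipnet, conns: make(map[flowKey]string)}, nil
}

func (f *StatefulFilter) fromTrusted(p Packet) bool {
	ip := net.ParseIP(p.SrcIP)
	return ip != nil && f.trusted.Contains(ip)
}

// Filter decides one packet and updates the connection table as a side effect.
func (f *StatefulFilter) Filter(p Packet) Verdict {
	if f.fromTrusted(p) {
		k := p.key()
		if state, ok := f.conns[k]; ok {
			if p.FIN || p.RST {
				delete(f.conns, k)
				return Verdict{true, "outbound close of tracked connection"}
			}
			return Verdict{true, "outbound on tracked connection (" + state + ")"}
		}
		if p.SYN && !p.ACK {
			f.conns[k] = "SYN_SENT"
			return Verdict{true, "new outbound connection tracked"}
		}
		return Verdict{false, "outbound packet is neither a new SYN nor part of a tracked connection"}
	}
	// Inbound from an untrusted network: only a response to a tracked connection passes.
	k := p.reverseKey()
	state, ok := f.conns[k]
	if !ok {
		return Verdict{false, "inbound packet matches no tracked connection"}
	}
	switch {
	case p.RST || p.FIN:
		delete(f.conns, k)
		return Verdict{true, "inbound close of tracked connection"}
	case p.SYN && p.ACK && state == "SYN_SENT":
		f.conns[k] = "ESTABLISHED"
		return Verdict{true, "SYN/ACK answers the tracked SYN; connection established"}
	case p.SYN:
		return Verdict{false, "inbound SYN on a tracked connection is not a valid response"}
	default:
		return Verdict{true, "inbound on tracked connection (" + state + ")"}
	}
}

func main() {
	f, _ := NewStatefulFilter("10.0.0.0/8")
	// Constructed trace: one legitimate session, a forged SYN/ACK, an unsolicited SYN,
	// and a packet arriving after the connection was closed.
	trace := []Packet{
		{"10.0.0.5", "203.0.113.10", 40000, 443, true, false, false, false},
		{"203.0.113.10", "10.0.0.5", 443, 40000, true, true, false, false},
		{"203.0.113.10", "10.0.0.5", 443, 40001, true, true, false, false},
		{"198.51.100.7", "10.0.0.5", 1234, 22, true, false, false, false},
		{"10.0.0.5", "203.0.113.10", 40000, 443, false, true, false, false},
		{"203.0.113.10", "10.0.0.5", 443, 40000, false, true, true, false},
		{"203.0.113.10", "10.0.0.5", 443, 40000, false, true, false, false},
	}
	for _, p := range trace {
		v := f.Filter(p)
		fmt.Printf("%s:%d -> %s:%d allow=%-5v %s\n", p.SrcIP, p.SrcPort, p.DstIP, p.DstPort, v.Allow, v.Reason)
	}
}
```

The table is keyed by the outbound tuple, so an inbound packet is looked up by its reversed tuple; that is the whole of what makes the second packet a valid response and the third one (same server, wrong client port) invalid. A production implementation would also track sequence numbers and age entries out, which this example omits.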

According to the glossary, bespoke and custom software describes which type of software?

A.

Any software developed by a third party

B.

Any software developed by a third party that can be customized by an entity.

C.

Software developed by an entity for the entity's own use

D.

Virtual payment terminals

Which of the following statements is true whenever a cryptographic key is retired and replaced with a new key?

A.

The retired key must not be used for encryption operations

B.

Cryptographic key components from the retired key must be retained for 3 months before disposal

C.

A new key custodian must be assigned

D.

All data encrypted under the retired key must be securely destroyed

Which of the following meets the definition of 'quarterly' as indicated in the description of timeframes used in PCI DSS requirements?

A.

Occurring at some point in each quarter of a year

B.

At least once every 95-97 days.

C.

On the 15th of each third month

D.

On the 1st of each fourth month

Which of the following is an example of multi-factor authentication?

A.

A token that must be presented twice during the login process

B.

A user passphrase and an application level password.

C.

A user password and a PIN-activated smart card

D.

A user fingerprint and a user thumbprint

An organization has implemented a change-detection mechanism on their systems. How often must critical file comparisons be performed?

A.

At least weekly

B.

Periodically as defined by the entity

C.

Only after a valid change is installed

D.

At least monthly
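The weekly cadence in option A is what PCI DSS asks of a change-detection mechanism for critical files. The Go program below is an added example written for this page, not part of the original material or of any PCI SSC tool: it records a SHA-256 baseline of a directory, reports files added, modified or removed on a later run, and flags a comparison whose last run is more than seven days old. The directory layout, file names and contents are constructed for the demonstration.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"io"
	"io/fs"
	"os"
	"path/filepath"
	"sort"
	"time"
)

// MaxComparisonInterval is the longest gap allowed between two critical file
// comparisons: PCI DSS calls for them at least weekly.
const MaxComparisonInterval = 7 * 24 * time.Hour

type Change struct {
	Path string
	Kind string // "added", "modified" or "removed"
}

func hashFile(path string) (string, error) {
	f, err := os.Open(path)
	if err != nil {
		return "", err
	}
	defer f.Close()
	h := sha256.New()
	if _, err := io.Copy(h, f); err != nil {
		return "", err
	}
	return hex.EncodeToString(h.Sum(nil)), nil
}

// Snapshot hashes every regular file under root, keyed by slash-separated relative path.
func Snapshot(root string) (map[string]string, error) {
	snap := make(map[string]string)
	err := filepath.WalkDir(root, func(path string, d fs.DirEntry, err error) error {
		if err != nil || !d.Type().IsRegular() {
			return err
		}
		rel, err := filepath.Rel(root, path)
		if err != nil {
			return err
		}
		sum, err := hashFile(path)
		if err != nil {
			return err
		}
		snap[filepath.ToSlash(rel)] = sum
		return nil
	})
	return snap, err
}

// Compare reports, sorted by path, what changed between a baseline and a later snapshot.
func Compare(baseline, current map[string]string) []Change {
	var changes []Change
	for p, sum := range current {
		if old, ok := baseline[p]; !ok {
			changes = append(changes, Change{p, "added"})
		} else if old != sum {
			changes = append(changes, Change{p, "modified"})
		}
	}
	for p := range baseline {
		if _, ok := current[p]; !ok {
			changes = append(changes, Change{p, "removed"})
		}
	}
	sort.Slice(changes, func(i, j int) bool { return changes[i].Path < changes[j].Path })
	return changes
}

// Overdue is true when the last comparison is older than the weekly interval.
func Overdue(lastRun, now time.Time) bool { return now.Sub(lastRun) > MaxComparisonInterval }

func main() {
	dir, err := os.MkdirTemp("", "fim-demo") // constructed stand-in for a monitored host
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	write := func(name, body string) {
		if err := os.WriteFile(filepath.Join(dir, name), []byte(body), 0o600); err != nil {
			panic(err)
		}
	}
	write("sshd_config", "PermitRootLogin no\n")
	write("httpd.conf", "ServerTokens Prod\n")
	baseline, _ := Snapshot(dir)
	// What the next weekly run sees after an intruder's changes.
	write("sshd_config", "PermitRootLogin yes\n")
	write("authorized_keys", "ssh-ed25519 EXAMPLEKEY intruder\n")
	os.Remove(filepath.Join(dir, "httpd.conf"))
	current, _ := Snapshot(dir)
	for _, c := range Compare(baseline, current) {
		fmt.Printf("%-8s %s\n", c.Kind, c.Path)
	}
	fmt.Println("weekly comparison overdue:", Overdue(time.Now().Add(-8*24*time.Hour), time.Now()))
}
```

Keeping the baseline on the monitored host defeats the control, since whoever changes the files can regenerate it; the snapshot map should be stored and compared from a separate, access-controlled system.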

Which scenario meets PCI DSS requirements for critical systems to have correct and consistent time?

A.

Each internal system is configured to be its own time server.

B.

Access to time configuration settings is available to all users of the system.

C.

Central time servers receive time signals from specific, approved external sources

D.

Each internal system peers directly with an external source to ensure accuracy of time updates

According to Requirement 1, what is the purpose of "Network Security Controls"?

A.

Manage anti-malware throughout the CDE.

B.

Control network traffic between two or more logical or physical network segments.

C.

Discover vulnerabilities and rank them

D.

Encrypt PAN when stored

What would be an appropriate strength for the key-encrypting key (KEK) used to protect an AES 128-bit data-encrypting key (DEK)?

A.

DES256

B.

RSA512

C.

AES 128

D.

ROT 13
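The rule behind this question is that a key-encrypting key must be at least as strong as the data-encrypting key it protects, so AES-128 (option C) is sufficient for an AES-128 DEK; a longer AES KEK also qualifies, while DES, 512-bit RSA and ROT13 do not. The Go program below is an added example written for this page, not code from PCI SSC or from the original material: it implements the RFC 3394 AES key wrap used to protect a DEK under a KEK, and refuses to wrap a DEK under a KEK shorter than the DEK. The strength check compares AES key lengths only, which is this example's own simplification (it assumes both keys are AES keys); the random keys in main are constructed for the run.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/rand"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// kwIV is the fixed initial value from RFC 3394; it doubles as the integrity check on unwrap.
var kwIV = []byte{0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6}

// CheckKEKStrength enforces that the key-encrypting key is at least as strong as
// the data-encrypting key it protects (compared here by AES key length only).
func CheckKEKStrength(kek, dek []byte) error {
	if len(kek) < len(dek) {
		return fmt.Errorf("%d-bit KEK is weaker than the %d-bit DEK it would protect", len(kek)*8, len(dek)*8)
	}
	return nil
}

// Wrap is the RFC 3394 AES key wrap of dek under kek.
func Wrap(kek, dek []byte) ([]byte, error) {
	if err := CheckKEKStrength(kek, dek); err != nil {
		return nil, err
	}
	if len(dek) < 16 || len(dek)%8 != 0 {
		return nil, errors.New("key data must be a multiple of 64 bits and at least 128 bits")
	}
	block, err := aes.NewCipher(kek) // rejects KEKs that are not 128, 192 or 256 bits
	if err != nil {
		return nil, err
	}
	n := len(dek) / 8
	a := append([]byte(nil), kwIV...)
	r := append([]byte(nil), dek...)
	buf := make([]byte, 16)
	for j := 0; j <= 5; j++ {
		for i := 1; i <= n; i++ {
			copy(buf[:8], a)
			copy(buf[8:], r[(i-1)*8:i*8])
			block.Encrypt(buf, buf)
			t := uint64(n*j + i)
			binary.BigEndian.PutUint64(a, binary.BigEndian.Uint64(buf[:8])^t)
			copy(r[(i-1)*8:i*8], buf[8:])
		}
	}
	return append(a, r...), nil
}

// Unwrap reverses Wrap and fails if the recovered initial value does not match kwIV.
func Unwrap(kek, wrapped []byte) ([]byte, error) {
	if len(wrapped) < 24 || len(wrapped)%8 != 0 {
		return nil, errors.New("wrapped key has invalid length")
	}
	block, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	n := len(wrapped)/8 - 1
	a := append([]byte(nil), wrapped[:8]...)
	r := append([]byte(nil), wrapped[8:]...)
	buf := make([]byte, 16)
	for j := 5; j >= 0; j-- {
		for i := n; i >= 1; i-- {
			t := uint64(n*j + i)
			binary.BigEndian.PutUint64(buf[:8], binary.BigEndian.Uint64(a)^t)
			copy(buf[8:], r[(i-1)*8:i*8])
			block.Decrypt(buf, buf)
			copy(a, buf[:8])
			copy(r[(i-1)*8:i*8], buf[8:])
		}
	}
	if !bytes.Equal(a, kwIV) {
		return nil, errors.New("integrity check failed: wrong KEK or tampered wrapped key")
	}
	return r, nil
}

func main() {
	kek := make([]byte, 32) // AES-256 KEK, constructed at random for the run
	dek := make([]byte, 16) // AES-128 DEK
	if _, err := rand.Read(kek); err != nil {
		panic(err)
	}
	if _, err := rand.Read(dek); err != nil {
		panic(err)
	}
	wrapped, err := Wrap(kek, dek)
	if err != nil {
		panic(err)
	}
	fmt.Println("wrapped DEK:", hex.EncodeToString(wrapped))
	back, err := Unwrap(kek, wrapped)
	fmt.Println("round trip ok:", err == nil && bytes.Equal(back, dek))
	_, err = Wrap(kek[:16], make([]byte, 32)) // 128-bit KEK for a 256-bit DEK: refused
	fmt.Println("weak KEK:", err)
}
```

The wrapped output is 64 bits longer than the DEK; that extra block carries the integrity value, which is why a wrong KEK or a flipped ciphertext bit is detected on unwrap rather than silently yielding a garbage DEK.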

Which statement is true regarding the use of intrusion detection techniques, such as intrusion detection systems and/or intrusion prevention systems (IDS/IPS)?

A.

Intrusion detection techniques are required on all system components

B.

Intrusion detection techniques are required to alert personnel of suspected compromises

C.

Intrusion detection techniques are required to isolate systems in the cardholder data environment from all other systems

D.

Intrusion detection techniques are required to identify all instances of cardholder data