Assessor_New_V4 無料問題集「PCI SSC Assessor_New_V4」

（A）Individuals with a job-related need

（B）Individuals who performed the logged activity

（C）Individuals with administrator privileges

（D）Individuals with read/write access

（A）User access to the database is only through programmatic methods

（B）Direct queries to the database are restricted to shared database administrator accounts

（C）User access to the database is restricted to system and network administrators

（D）Application IDs for database applications can only be used by database administrators

（A）Development of strong cryptographic algorithms

（B）Secure coding practices for commercial payment applications.

（C）End-to-end encryption solutions for transmission of account data

（D）Point-of-interaction devices used to protect account data

（A）Encrypt PAN when stored

（B）Discover vulnerabilities and rank them

（C）Control network traffic between two or more logical or physical network segments.

（D）Manage anti-malware throughout the CDE.

（A）A compensating control must address the risk associated with not adhering to the PCI DSS requirement

（B）An existing PCI DSS requirement can be used as compensating control if it is already implemented

（C）A compensating control worksheet is not required if the acquirer approves the compensating control

（D）A compensating control is not necessary if all other PCI DSS requirements are in place

（A）Configure the firewall to permit all traffic until additional rules are defined

（B）Synchronize the firewall rules with the other firewalls m the environment

（C）Disable any firewall functions that are not needed in production

（D）Remove the default 'Firewall Administrator account and create a shared account for firewall administrators to use.