Question 1

All internal scanning must be what?

Options :

A : Performed monthly

B : Require an ASV for internal scanning to match external scanning

C : Performed via authenticated scanning

D : Performed via unauthenticated scanning

Answer: C

Question 2

Which of the following is NOT a principle of the PCI DSS?

Options :

A : Regularly monitoring and testing networks to ensure security controls remain effective

B : Implementing access controls to restrict cardholder data access on a "need-to-know" basis

C : Using proprietary encryption algorithms for securing cardholder data

D : Protecting cardholder data during transmission over open, public networks through strong cryptography

Answer: C

Question 3

An entity is looking at ways to securely destroy their electronic media that contains CHD. Which of the following would be suitable?

Options :

A : Shredding

B : Grinding

C : Degaussing

D : Deleting

Answer: A,B,C

Question 4

A merchant is undergoing penetration testing and are using a test/developer environment to ensure the penetration testers do not cause any outages to their live database. Which piece of live CHD (cardholder data) may not be used inside this test/developer environment?

Options :

A : PAN

B : Expiry Date

C : Any live CHD can be used in a test/developer environment

D : Customer Name

Answer: A

Question 5

Which of the following is NOT considered a key principle of the Payment Card Industry Data Security Standard (PCI DSS)?

Options :

A : Regularly Monitor and Test Networks

B : Ensure Compliance with Industry Regulations

C : Maintain a Vulnerability Management Program

D : Implement Strong Access Control Measures

Answer: B

Smartly Prepare Exam with Free Online PCIP_New_V4 Practice Test

Buying Options: