Question 1

Which appendix is designed for Sample Templates to Support Customized Approach

Options :

A : Appendix F

B : Appendix E

C : Appendix C

D : Appendix B

Answer: B

Question 2

An entity has a visitor attending their premises. Part of this visit includes entering a secure server room which houses the CDE. Out of the following, which applies?

Options :

A : The visitor must ensure they tell suitable staff where they are going when not being escorted

B : The visitor must be escorted at all times

C : The visitor can attend any location on their own if they are carrying out an assessment

D : The visitor should never be able to access a server room which houses CDE, regardless of their job or reason

Answer: B

Question 3

What is an 'inactive user account'?

Options :

A : An account that has only been used once over the course of 90 days

B : An account that is used by a current employee for a particular task

C : An account that has not been used in over 30 days

D : An account that has not been used in over 90 days

Answer: D

Question 4

What should always be included in any access control model?

Options :

A : Names of all roles

B : List of people in authority

C : Principle of least privilege

D : Names of all staff

Answer: C

Question 5

Requirement 1.2.2 discusses changes must be approved and managed in accordance with what requirement regarding change management?

Options :

A : 11.5.1

B : 6.5.1

C : 4.2.3

D : 12.2.1

Answer: B