Which scenario meets PCI DSS requirements for restricting access to databases containing cardholder data?

• A.User access to the database is only through programmatic methods
• B.User access to the database is restricted to system and network administrators
• C.Application IDs for database applications can only be used by database administrators
• D.Direct queries to the database are restricted to shared database administrator accounts

Comment: *

Name: *

Email: *

Verification: *

Which systems must have anti-malware solutions'

• A.All CDE systems, connected systems. NSCs. and security-providing systems
• B.All portable electronic storage
• C.All systems that store PAN
• D.Any in-scope system except for those identified as not at risk from malware

Comment: *

Name: *

Email: *

Verification: *

Viewing of audit log files should be limited to?

• A.Individuals who performed the logged activity
• B.Individuals with read/write access
• C.Individuals with administrator privileges
• D.Individuals with a job-related need

Comment: *

Name: *

Email: *

Verification: *

What would be an appropriate strength for the key-encrypting key (KEK) used to protect an AES 128-bit data-encrypting key (DEK)

• A.DES256
• B.RSA512
• C.AES 128
• D.ROT 13

Comment: *

Name: *

Email: *

Verification: *

At which step in the payment transaction process does the merchants bank pay the merchant for the purchase and the cardholder s bank bill the cardholder?

• A.Authorization
• B.Clearing
• C.Settlement
• D.Chargeback

Comment: *

Name: *

Email: *

Verification: *