Internal and external vulnerability scans should run at minimum on every __________ to meet requirement 11.2

• A.90 days
• B.60 days
• C.30 days
• D.180 days

Comment: *

Name: *

Email: *

Verification: *

In the event of a violation of the PCIP Qualification Requirements, disciplinary actions for PCIPs could include:

• A.Verbal warning, suspension, monthly fines
• B.Written warning, suspension, revocation
• C.Verbal warning, one-off fine, revocation
• D.Written warning, remediation, monthly fines

Comment: *

Name: *

Email: *

Verification: *

Quarterly internal vulnerability scans should be executed and rescans as needed until what point?

• A.Until you get a PCI Scan passing score
• B.All identified vulnerabilities are resolved
• C.High and medium risks vulnerabilities are resolved
• D.High-risk vulnerabilities (as defined in Requirement 6.1) are resolved

Comment: *

Name: *

Email: *

Verification: *

PCI DSS Requirement 1 covers:

• A.Implementation of firewalls between the CDE and untrusted networks
• B.Installation of anti-virus software
• C.Masking of PAN wherever it is displayed
• D.Secure development of DMZ applications and systems

Comment: *

Name: *

Email: *

Verification: *

According to requirement 8.1.6 an user ID should be locked out after a maximum how many repeated access attempts?

• A.6
• B.4
• C.5
• D.3

Comment: *

Name: *

Email: *

Verification: *