
売れ筋トップクラスのPCIP3.0最新試験問題2023年最新のPCI試験練習
PCI Certification問題集でPCIP3.0試験は完全版問題で試験学習ガイド
質問 # 18
Requirement 8.2.3 states that passwords/phrases must contain both numeric and alphabetic characters and a minimum length of at least
- A. 7 characters
- B. 6 characters
- C. 8 characters
- D. 14 characters
正解:A
質問 # 19
SELECT ALL THAT APPLY
Select all audit trails that must be recorded for all system components according to requirement 10.3
- A. Identity or name of affected data, system component, or resource
- B. Type of event
- C. Origination of event
- D. Date and time
- E. Success or failure identification
- F. User identification
正解:A、B、C、D、E、F
質問 # 20
As defined by PCI DSS Requirement 7, access to cardholder data should be restricted based on which principle?
- A. Business need to know
- B. No access to cardholder data should be permitted
- C. Number of personnel in the organization
- D. Maximum priviledge
正解:A
質問 # 21
Internal and external vulnerability scans should run at minimum on every __________ to meet requirement 11.2
- A. 60 days
- B. 30 days
- C. 90 days
- D. 180 days
正解:C
質問 # 22
According to Requirement 10.4 the use of Time synchronization like NTP should be implemented on all critical systems for acquiring, distributing, and storing time.
- A. False
- B. True
正解:B
質問 # 23
To be compliant with requirement 8.1.4 you have to remove/disable inactive user accounts at least every
- A. 60 days
- B. 30 days
- C. 90 days
- D. 180 days
正解:C
質問 # 24
Imprint-Only Merchants with no electronic storage of cardholder data may be eligible to use which SAQ?
- A. SAQ D
- B. SAQ B
- C. SAQ C/VT
- D. SAQ A
正解:B
質問 # 25
If virtualization technologies are used in a cardholder data environment:
- A. The virtualization technologies are not in scope for PCI DSS
- B. The virtualization technologies are included in scope for PCI DSS
- C. Entities using virtualization technologies should complete SAQ C
- D. Virtualization technologies should not be used in the cardholder data environment
正解:B
質問 # 26
Requirement 2.2.2 and 2.2.3 cover the use of secure services, protocols, and daemons as required for the function of a system. Which of the following is considered secure?
- A. FTP
- B. SSH
- C. Telnet
- D. RLogon
正解:B
質問 # 27
The PCI DSS Requirement most closely associated with "Logging" is ____________
- A. Requirement 10
- B. Requirement 8
- C. Requirement 2
- D. Requirement 11
正解:A
質問 # 28
Which of the following lists the correct "order" for the flow of a payment card transaction?
- A. Authorization, Settlement, Clearing
- B. Authorization, Clearing, Settlement
- C. Clearing, Authorization, Settlement
- D. Clearing, Settlement, Authorization
正解:B
質問 # 29
Information Security Policies must be reviewed/updated _____________ to meet requirement 12.1.1
- A. Monthly
- B. Yearly
- C. Every 6 months
- D. Quarterly
正解:B
質問 # 30
Intrusion-detection and/or intrusion-prevention techniques are NOT a requirement to monitor all traffic at the perimeter of the cardholder data environment as well as at critical points in the CDE and alert personnel to suspected compromises.
- A. True
- B. False
正解:B
質問 # 31
Protect all systems against malware and regularly updated anti-virus software or programs is the
____________
- A. Requirement 6
- B. Requirement 5
- C. Requirement 4
- D. Requirement 7
正解:B
質問 # 32
An user should be required to re-authenticate to activate the terminal or session if it's been idle for more than
- A. 60 minutes
- B. 15 minutes
- C. 10 minutes
- D. 30 minutes
正解:B
質問 # 33
Requirement 11.3 - Implement a methodology for penetration testing is a best practice until June 30 2015
- A. False
- B. True
正解:B
質問 # 34
The lockout of an user ID should be set until an administrator re-enables the user or to a minimum of
- A. 60 minutes
- B. 30 minutes
- C. 15 minutes
- D. 10 minutes
正解:B
質問 # 35
PCI DSS Requirement 1 covers:
- A. Secure development of DMZ applications and systems
- B. Masking of PAN wherever it is displayed
- C. Implementation of firewalls between the CDE and untrusted networks
- D. Installation of anti-virus software
正解:C
質問 # 36
......
最善な方法で問題集を使おう!練習テストならこれPCI PCIP3.0:https://jp.fast2test.com/PCIP3.0-premium-file.html