売れ筋トップクラスのPCIP3.0最新試験問題2023年最新のPCI試験練習 [Q18-Q36]

Share

売れ筋トップクラスのPCIP3.0最新試験問題2023年最新のPCI試験練習

PCI Certification問題集でPCIP3.0試験は完全版問題で試験学習ガイド

質問 # 18
Requirement 8.2.3 states that passwords/phrases must contain both numeric and alphabetic characters and a minimum length of at least

  • A. 7 characters
  • B. 6 characters
  • C. 8 characters
  • D. 14 characters

正解:A


質問 # 19
SELECT ALL THAT APPLY
Select all audit trails that must be recorded for all system components according to requirement 10.3

  • A. Identity or name of affected data, system component, or resource
  • B. Type of event
  • C. Origination of event
  • D. Date and time
  • E. Success or failure identification
  • F. User identification

正解:A、B、C、D、E、F


質問 # 20
As defined by PCI DSS Requirement 7, access to cardholder data should be restricted based on which principle?

  • A. Business need to know
  • B. No access to cardholder data should be permitted
  • C. Number of personnel in the organization
  • D. Maximum priviledge

正解:A


質問 # 21
Internal and external vulnerability scans should run at minimum on every __________ to meet requirement 11.2

  • A. 60 days
  • B. 30 days
  • C. 90 days
  • D. 180 days

正解:C


質問 # 22
According to Requirement 10.4 the use of Time synchronization like NTP should be implemented on all critical systems for acquiring, distributing, and storing time.

  • A. False
  • B. True

正解:B


質問 # 23
To be compliant with requirement 8.1.4 you have to remove/disable inactive user accounts at least every

  • A. 60 days
  • B. 30 days
  • C. 90 days
  • D. 180 days

正解:C


質問 # 24
Imprint-Only Merchants with no electronic storage of cardholder data may be eligible to use which SAQ?

  • A. SAQ D
  • B. SAQ B
  • C. SAQ C/VT
  • D. SAQ A

正解:B


質問 # 25
If virtualization technologies are used in a cardholder data environment:

  • A. The virtualization technologies are not in scope for PCI DSS
  • B. The virtualization technologies are included in scope for PCI DSS
  • C. Entities using virtualization technologies should complete SAQ C
  • D. Virtualization technologies should not be used in the cardholder data environment

正解:B


質問 # 26
Requirement 2.2.2 and 2.2.3 cover the use of secure services, protocols, and daemons as required for the function of a system. Which of the following is considered secure?

  • A. FTP
  • B. SSH
  • C. Telnet
  • D. RLogon

正解:B


質問 # 27
The PCI DSS Requirement most closely associated with "Logging" is ____________

  • A. Requirement 10
  • B. Requirement 8
  • C. Requirement 2
  • D. Requirement 11

正解:A


質問 # 28
Which of the following lists the correct "order" for the flow of a payment card transaction?

  • A. Authorization, Settlement, Clearing
  • B. Authorization, Clearing, Settlement
  • C. Clearing, Authorization, Settlement
  • D. Clearing, Settlement, Authorization

正解:B


質問 # 29
Information Security Policies must be reviewed/updated _____________ to meet requirement 12.1.1

  • A. Monthly
  • B. Yearly
  • C. Every 6 months
  • D. Quarterly

正解:B


質問 # 30
Intrusion-detection and/or intrusion-prevention techniques are NOT a requirement to monitor all traffic at the perimeter of the cardholder data environment as well as at critical points in the CDE and alert personnel to suspected compromises.

  • A. True
  • B. False

正解:B


質問 # 31
Protect all systems against malware and regularly updated anti-virus software or programs is the
____________

  • A. Requirement 6
  • B. Requirement 5
  • C. Requirement 4
  • D. Requirement 7

正解:B


質問 # 32
An user should be required to re-authenticate to activate the terminal or session if it's been idle for more than

  • A. 60 minutes
  • B. 15 minutes
  • C. 10 minutes
  • D. 30 minutes

正解:B


質問 # 33
Requirement 11.3 - Implement a methodology for penetration testing is a best practice until June 30 2015

  • A. False
  • B. True

正解:B


質問 # 34
The lockout of an user ID should be set until an administrator re-enables the user or to a minimum of

  • A. 60 minutes
  • B. 30 minutes
  • C. 15 minutes
  • D. 10 minutes

正解:B


質問 # 35
PCI DSS Requirement 1 covers:

  • A. Secure development of DMZ applications and systems
  • B. Masking of PAN wherever it is displayed
  • C. Implementation of firewalls between the CDE and untrusted networks
  • D. Installation of anti-virus software

正解:C


質問 # 36
......

最善な方法で問題集を使おう!練習テストならこれPCI PCIP3.0:https://jp.fast2test.com/PCIP3.0-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어