無料PCI PCIP3.0試験問題と解答トレーニングを提供しています [Q35-Q51]

Share

無料PCI PCIP3.0試験問題と解答トレーニングを提供しています

トップクラスPCI PCIP3.0オンライン問題集


PCIP認定を取得することで、個人が組織がPCI DSSコンプライアンス要件を満たすのに必要な知識とスキルを持っていることを示し、支払いカードデータの最高水準のセキュリティを維持することにも取り組んでいることを示します。支払いカード詐欺が企業にとって依然として重大なリスクであるため、PCIP認定は個人が就職市場で目立つこと、支払いカード業界でキャリアを進めることを支援することができます。

 

質問 # 35
The use of two-factor authentication is NOT a requirement on PCI DSS v3 for remote network access originating from outside the network by personnel and all third parties.

  • A. True
  • B. False

正解:B


質問 # 36
A company that ________ is considered to be a service provider.

  • A. is a founding member of PCI SSC
  • B. is not also a merchant
  • C. controls or could impact the security of another entity's
  • D. is a payment card brand

正解:C


質問 # 37
PCI DSS Requirement 1 covers:

  • A. Implementation of firewalls between the CDE and untrusted networks
  • B. Masking of PAN wherever it is displayed
  • C. Secure development of DMZ applications and systems
  • D. Installation of anti-virus software

正解:A


質問 # 38
According to requirement 11.1 you must implement a process to test for the presence of wireless access points and detect and identify all authorized and unauthorized wireless access points on every

  • A. 60 day
  • B. 30 days
  • C. 6 months
  • D. 3 months

正解:D


質問 # 39
What is the NIST standards that provides password complexity requirements

  • A. 800-53
  • B. 800-57
  • C. 800-61
  • D. 800-63

正解:D


質問 # 40
Requirement 11.3 - Implement a methodology for penetration testing is a best practice until June 30 2015

  • A. False
  • B. True

正解:B


質問 # 41
PCI DSS Requirement 5 states that anti-virus software must be:

  • A. Updated at least annually
  • B. Configured to allow users to disable it as desired
  • C. Installed on all systems commonly affected by malware
  • D. Installed on all systems, even those not commonly affected by malware

正解:C


質問 # 42
Requirement 2.2.2 and 2.2.3 cover the use of secure services, protocols, and daemons as required for the function of a system. Which of the following is considered secure?

  • A. FTP
  • B. SSH
  • C. Telnet
  • D. RLogon

正解:B


質問 # 43
PCI DSS Requirement Appendix A is intended for:

  • A. Merchants with data center environments
  • B. Issuing banks and acquirers
  • C. Any third party that stores, processes, or transmits cardholder data on behalf of another entity
  • D. Shared hosting providers

正解:D


質問 # 44
What is the Appendix A on PCI DSS 3.0?

  • A. Additional PCI DSS Requirements for Shared Hosting Providers
  • B. Segmentation and Sampling of Business Facilities/System Components
  • C. Compensating Controls
  • D. Cloud Computing Guidelines

正解:A


質問 # 45
SELECT ALL THAT APPLY
Select all audit trails that must be recorded for all system components according to requirement 10.3

  • A. Success or failure identification
  • B. Type of event
  • C. Date and time
  • D. Identity or name of affected data, system component, or resource
  • E. User identification
  • F. Origination of event

正解:A、B、C、D、E、F


質問 # 46
Quarterly internal vulnerability scans should be executed and rescans as needed until what point?

  • A. High-risk vulnerabilities (as defined in Requirement 6.1) are resolved
  • B. Until you get a PCI Scan passing score
  • C. All identified vulnerabilities are resolved
  • D. High and medium risks vulnerabilities are resolved

正解:A


質問 # 47
In order to be considered a compensating control, which of the following must exist:

  • A. A documented business constraint
  • B. A legitimate technical constraint
  • C. A legitimate technical constraint and a documented business constraint
  • D. A legitimate technical constraint or a documented business constraint

正解:D


質問 # 48
Requirement 8.2.3 states that passwords/phrases must contain both numeric and alphabetic characters and a minimum length of at least

  • A. 8 characters
  • B. 7 characters
  • C. 14 characters
  • D. 6 characters

正解:B


質問 # 49
Which of the following entities will ultimately approve a purchase?

  • A. Merchant
  • B. Issuing Bank
  • C. Acquiring Bank
  • D. Payment Transaction Gateway

正解:B


質問 # 50
The Information Supplements: (Select ALL that apply)

  • A. Provide additional guidance on specific technologies
  • B. Include recommendations and best practices
  • C. Do not replace or supersede any PCI standard
  • D. May be used as compensating control replacing one of the requirements

正解:A、B、C


質問 # 51
......

最新(2023)PCI PCIP3.0試験問題集:https://jp.fast2test.com/PCIP3.0-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어