
無料PCI PCIP3.0試験問題と解答トレーニングを提供しています
トップクラスPCI PCIP3.0オンライン問題集
PCIP認定を取得することで、個人が組織がPCI DSSコンプライアンス要件を満たすのに必要な知識とスキルを持っていることを示し、支払いカードデータの最高水準のセキュリティを維持することにも取り組んでいることを示します。支払いカード詐欺が企業にとって依然として重大なリスクであるため、PCIP認定は個人が就職市場で目立つこと、支払いカード業界でキャリアを進めることを支援することができます。
質問 # 35
The use of two-factor authentication is NOT a requirement on PCI DSS v3 for remote network access originating from outside the network by personnel and all third parties.
- A. True
- B. False
正解:B
質問 # 36
A company that ________ is considered to be a service provider.
- A. is a founding member of PCI SSC
- B. is not also a merchant
- C. controls or could impact the security of another entity's
- D. is a payment card brand
正解:C
質問 # 37
PCI DSS Requirement 1 covers:
- A. Implementation of firewalls between the CDE and untrusted networks
- B. Masking of PAN wherever it is displayed
- C. Secure development of DMZ applications and systems
- D. Installation of anti-virus software
正解:A
質問 # 38
According to requirement 11.1 you must implement a process to test for the presence of wireless access points and detect and identify all authorized and unauthorized wireless access points on every
- A. 60 day
- B. 30 days
- C. 6 months
- D. 3 months
正解:D
質問 # 39
What is the NIST standards that provides password complexity requirements
- A. 800-53
- B. 800-57
- C. 800-61
- D. 800-63
正解:D
質問 # 40
Requirement 11.3 - Implement a methodology for penetration testing is a best practice until June 30 2015
- A. False
- B. True
正解:B
質問 # 41
PCI DSS Requirement 5 states that anti-virus software must be:
- A. Updated at least annually
- B. Configured to allow users to disable it as desired
- C. Installed on all systems commonly affected by malware
- D. Installed on all systems, even those not commonly affected by malware
正解:C
質問 # 42
Requirement 2.2.2 and 2.2.3 cover the use of secure services, protocols, and daemons as required for the function of a system. Which of the following is considered secure?
- A. FTP
- B. SSH
- C. Telnet
- D. RLogon
正解:B
質問 # 43
PCI DSS Requirement Appendix A is intended for:
- A. Merchants with data center environments
- B. Issuing banks and acquirers
- C. Any third party that stores, processes, or transmits cardholder data on behalf of another entity
- D. Shared hosting providers
正解:D
質問 # 44
What is the Appendix A on PCI DSS 3.0?
- A. Additional PCI DSS Requirements for Shared Hosting Providers
- B. Segmentation and Sampling of Business Facilities/System Components
- C. Compensating Controls
- D. Cloud Computing Guidelines
正解:A
質問 # 45
SELECT ALL THAT APPLY
Select all audit trails that must be recorded for all system components according to requirement 10.3
- A. Success or failure identification
- B. Type of event
- C. Date and time
- D. Identity or name of affected data, system component, or resource
- E. User identification
- F. Origination of event
正解:A、B、C、D、E、F
質問 # 46
Quarterly internal vulnerability scans should be executed and rescans as needed until what point?
- A. High-risk vulnerabilities (as defined in Requirement 6.1) are resolved
- B. Until you get a PCI Scan passing score
- C. All identified vulnerabilities are resolved
- D. High and medium risks vulnerabilities are resolved
正解:A
質問 # 47
In order to be considered a compensating control, which of the following must exist:
- A. A documented business constraint
- B. A legitimate technical constraint
- C. A legitimate technical constraint and a documented business constraint
- D. A legitimate technical constraint or a documented business constraint
正解:D
質問 # 48
Requirement 8.2.3 states that passwords/phrases must contain both numeric and alphabetic characters and a minimum length of at least
- A. 8 characters
- B. 7 characters
- C. 14 characters
- D. 6 characters
正解:B
質問 # 49
Which of the following entities will ultimately approve a purchase?
- A. Merchant
- B. Issuing Bank
- C. Acquiring Bank
- D. Payment Transaction Gateway
正解:B
質問 # 50
The Information Supplements: (Select ALL that apply)
- A. Provide additional guidance on specific technologies
- B. Include recommendations and best practices
- C. Do not replace or supersede any PCI standard
- D. May be used as compensating control replacing one of the requirements
正解:A、B、C
質問 # 51
......
最新(2023)PCI PCIP3.0試験問題集:https://jp.fast2test.com/PCIP3.0-premium-file.html