What is not a PCI compliance recommendation?
A. Limit access to card holder data to as few individuals as possible.
B. Use encryption to protect all transmission of card holder data over any public network.
C. Rotate employees handling credit card transactions on a yearly basis to different departments.
D. Use a firewall between the public network and the payment card data.
The correct answer is "c"; in this case, the PCI recommendations do not refer to employee rotation.
PCI compliance recommendations:
1. Protect your system with firewalls
2. Configure passwords and settings
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
5. Use and regularly update anti-virus software
6. Regularly update and patch systems
7. Restrict access to cardholder data to business need to know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to workplace and cardholder data
10. Implement logging and log management
11. Conduct vulnerability scans and penetration tests
12. Documentation and risk assessments
C
c
C
C.
Balls Deep in PCI on a daily basis.
C. Rotate employees handling credit card transactions on a yearly basis to different departments.
The correct answer is B.
From the PCI compliance rules: “Encrypt transmission of cardholder data across open, public networks.”
And what about – What is “NOT”….?
George, you must not have gotten enough sleep! Take care of yourself!
Hi
The question is which is NOT, so the answer is C
C
See the 12 requirements for PCI-DSS here: http://searchsecurity.techtarget.com/definition/PCI-DSS-12-requirements
C