Which two statements about PCI DSS are true? (Choose two.)
A. PCI DSS is a US government standard that defines ISP security compliance.
B. PCI DSS is a proprietary security standard that defines a framework for credit, debit, and ATM cardholder information.
C. PCI DSS is a criminal act of cardholder information fraud.
D. One of the PCI DSS objectives is to restrict physical access to credit, debit, and ATM cardholder information.
E. PCI DSS is an IETF standard for companies to protect credit, debit, and ATM cardholder information.
