PCI QSA NEW V4
Q: 1
Which scenario meets PCI DSS requirements for restricting access to databases containing cardholder
data?
Options
Q: 2
Which of the following is true regarding internal vulnerability scans?
Options
Q: 3
What does the PCI PTS standard cover?
Options
Q: 4
In accordance with PCI DSS Requirement 10, how long must audit logs be retained?
Options
Q: 5
Which statement is true regarding the use of intrusion detection techniques, such as intrusion
detection systems and/or intrusion protection systems (IDS/IPS)?
Options
Q: 6
Viewing of audit log files should be limited to?
Options
Q: 7
Where can live PANs be used for testing?
Options
Q: 8
An organization wishes to implement multi-factor authentication for remote access, using the user's
individual password and a digital certificate. Which of the following scenarios would meet PCI DSS
requirements for multi-factor authentication?
Options
Q: 9
Which scenario describes segmentation of the cardholder data environment (CDE) for the purposes
of reducing PCI DSS scope?
Options
Q: 10
An entity wants to use the Customized Approach. They are unsure how to complete the Controls
Matrix or TR
Options