Qualified Security Assessor V4 Exam Questions and Answers
Which of the following describes "stateful responses" to communication Initiated by a trusted network?
Passwords for default accounts and default administrative accounts should be?
Which scenario meets PCI DSS requirements for critical systems to have correct and consistent time?
Security policies and operational procedures should be?
What do PCI DSS requirements for protecting cryptographic keys include?
Which of the following is required to be included in an incident response plan?
Which statement about PAN is true?
What is the intent of classifying media that contains cardholder data?
An organization wishes to implement multi-factor authentication for remote access, using the user's individual password and a digital certificate. Which of the following scenarios would meet PCI DSS requirements for multi-factor authentication?
An internal NTP server that provides time services to the Cardholder Data Environment is?
Which statement is true regarding the PCI DSS Report on Compliance (ROC)?
Where an entity under assessment is using the customized approach, which of the following steps is the responsibility of the assessor?
If disk encryption is used to protect account data, what requirement should be met for the disk encryption solution?
In the ROC Reporting Template, which of the following Is the best approach for a response where the requirement was "In Place’?
Where can live PANs be used for testing?
Which of the following parties is responsible for completion of the Controls Matrix for the Customized Approach?
Which statement is true regarding the use of intrusion detection techniques, such as intrusion detection systems and/or intrusion protection systems (IDS/IPS)?
Which systems must have anti-malware solutions?
What must be included in an organization's procedures for managing visitors?
Which statement about PAN is true?
Which systems must have anti-malware solutions?
What is the intent of classifying media that contains cardholder data?