NO.48 Requirement 11.3 – Implement a methodology for penetration testing is a best practice until June 30 2015

NO.49 분기별로 내부 취약성 검사를 실행하고 필요에 따라 재검사해야 하는 시점은 언제까지인가요?

NO.50 PCI 규정 위반 시 적용 가능한 모든 징계 조치를 선택해 주세요.
전문적인 책임

NO.51 ________ 회사는 서비스 제공업체로 간주됩니다.

NO.52 요구 사항 8.1.4를 준수하려면 최소한 모든 비활성 사용자 계정을 제거/비활성화해야 합니다.

NO.53 All other merchants (not included in the descriptions for SAQs A, B, or C) and all service providers defined by a payment brand as eligible to complete an SAQ may be completing what SAQ?

NO.54 Intrusion-detection and/or intrusion-prevention techniques are NOT a requirement to monitor all traffic at the perimeter of the cardholder data environment as well as at critical points in the CDE and alert personnel to suspected compromises.

NO.55 When evaluating “above and beyond” for compensating controls, an existing PCI DSS requirement MAY be considered as compensating controls if they are required for another area, but are not required for the item under review

NO.56 직원 및 모든 제3자가 네트워크 외부에서 시작하는 원격 네트워크 액세스에 대해 2단계 인증을 사용하는 것은 PCI DSS v3의 요구 사항이 아닙니다.

NO.57 According to Requirement 10.4 the use of Time synchronization like NTP should be implemented on all critical systems for acquiring, distributing, and storing time.

NO.58 The P2PE Standard covers:

NO.59 Maintain a policy that addresses information security for all personnel is the ________

NO.60 인터넷에 연결된 세분화된 결제 애플리케이션 시스템이 있고 전자 카드 소지자 데이터 저장소가 없는 판매자는 어떤 SAQ를 사용할 수 있습니까?

NO.61 PCI compliance do not apply on Virtualized environments

NO.62 Internal and external penetration tests should be performed_______________ to meet requirement
1 1.3.1 and 11.3.2

NO.63 In order to be considered a compensating control, which of the following must exist:

NO.64 SELECT ALL THAT APPLY
To be compliant with requirement 9.9 an updated list of all card-reading devices used in card-present transactions at the point of sale must be kept by June 30 2015 including the following:

NO.65 Identify and authenticate access to system components is the __________

NO.66 It’s NOT required that all four quarters of passing scan in order to meet requirement 11.2

NO.67 PCIP는 다음과 같은 내용을 포함하는 직업적 책임 강령을 준수해야 합니다:

NO.68 The implementation of a Security Awareness Program (Requirement 12.6) requires that personnel must be educated upon hire and at least

NO.69 단말기 또는 세션이 1시간 이상 유휴 상태인 경우 사용자가 다시 인증해야 활성화할 수 있습니다.

NO.70 Protect all systems against malware and regularly updated anti-virus software or programs is the
____________

NO.71 Merchants involved with only card-not-present transactions that are completely outsourced to a PCI DSS complaint service provider may be eligible to use?