1B: Acknowledge Compliance Requirements Flashcards

1.1 Compare and contrast governance, risk, and compliance reports.

1
Q

Which standard specifies the controls that must be in place to securely handle credit card data?

A

Payment Card Industry Data Security Standard (PCI-DSS)

2
Q

How many categories does the PCI-DSS standard use to describe what is required?

A

Six Categories

3
Q

Of the four PCI-DSS levels, which level defines a merchant with over six million transactions a year?

A

Level 1

4
Q

Of the four PCI-DSS levels, which level defines a merchant with one to six million transactions a year?

A

Level 2

5
Q

Of the four PCI-DSS levels, which level defines a merchant with 20,000 to one million transactions a year?

A

Level 3

6
Q

Of the four PCI-DSS levels, which level defines a small merchant with under 20,000 transactions a year?

A

Level 4

7
Q

Of the four PCI-DSS levels, which level must have its assessment performed by an external auditor, specifically an approved Qualified Security Assessor (QSA)?

A

Level 1

8
Q

Of the four PCI-DSS levels, which levels must complete a Report on Compliance (RoC)?

A

Levels 1 and 2

9
Q

Of the four PCI-DSS levels, which levels can either have an external auditor or submit a self-test that proves they are taking active steps to secure the infrastructure?

A

Levels 2-4

10
Q

In 2018 the EU enacted this regulation, which outlines specific requirements for how consumer data must be protected. The law affects anyone who does business with residents of the EU and Britain. This comprehensive law focuses on the privacy of consumer data and, more importantly, gives consumers the ability to control how their data is handled.

A

General Data Protection Regulation (GDPR)

11
Q

A law that was enacted in New York state in March 2020 to protect citizens' data. The law requires companies to bolster their cybersecurity defenses to prevent data breaches and protect consumer data.

A

Stop Hacks and Improve Electronic Data Security (SHIELD)

12
Q

This law was enacted in 2020 and outlines specific guidelines on how to appropriately handle consumer data. To ensure that customer data is adequately protected, vendors should include penetration testing of all web applications and internal systems, along with social engineering assessments.

A

California Consumer Privacy Act (CCPA)

13
Q

A law that mandates rigorous requirements for anyone that deals with patient information.

A

Health Insurance Portability and Accountability Act (HIPAA)
