Req 2 Flashcards

1
Q

Always change vendor-supplied defaults and remove or disable unnecessary default accounts before installing a system on the network.

This applies to ALL default passwords, including but not limited to those used by operating systems, software that provides security services, application and system accounts, point-of-sale (POS) terminals, payment applications, and Simple Network Management Protocol (SNMP) community strings.

A

Requirement 2.1

2
Q

For wireless environments connected to the cardholder data environment or transmitting cardholder data, change ALL wireless vendor defaults at installation, including but not limited to default wireless encryption keys, passwords, and SNMP community strings.

A

Requirement 2.1.1

3
Q

Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards, which may include, but are not limited to:

Center for Internet Security (CIS)

International Organization for Standardization (ISO)

SysAdmin Audit Network Security (SANS) Institute

National Institute of Standards and Technology (NIST)

A

Requirement 2.2

4
Q

Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server.

For example, web servers, database servers, and DNS should be implemented on separate servers.

A

Requirement 2.2.1

5
Q

Enable only necessary services, protocols, daemons, etc., as required for the function of the system.

A

Requirement 2.2.2

6
Q

Implement additional security features for any required services, protocols, or daemons that are considered to be insecure.

A

Requirement 2.2.3

7
Q

Configure system security parameters to prevent misuse.

A

Requirement 2.2.4

8
Q

Remove all unnecessary functionality, such as scripts, drivers, features, subsystems, file systems, and unnecessary web servers.

A

Requirement 2.2.5

9
Q

Encrypt all non-console administrative access using strong cryptography.

A

Requirement 2.3

10
Q

Maintain an inventory of system components that are in scope for PCI DSS.

A

Requirement 2.4

11
Q

Ensure that security policies and operational procedures for managing vendor defaults and other security parameters are documented, in use, and known to all affected parties.

A

Requirement 2.5

12
Q

Shared hosting providers must protect each entity's hosted environment and cardholder data.

A

Requirement 2.6
