A Sustainable Compliance Program must: - ✔️✔️Be implemented into Business-as-usual
(BAU) activities as part of the organization's overall security strategy.
True or False: The driving objective behind all PCI DSS compliance activities is to attain
a compliant report. - ✔️✔️False. Ongoing security of cardholder data is the driving
objective, which will lead to a compliant report.
An effective metrics program can provide useful data for: - ✔️✔️Allocation of resources to
minimize risk occurrence and measure the business consequences of security events.
Security Goals should include: - ✔️✔️Continuous monitoring, testing, documenting
implementation, effectiveness, efficiency, impact, and status of controls and activities.
Control-failure response processes should include: - ✔️✔️Minimizing the impact of the
incident, restoring controls, performing root-cause analysis and remediation,
implementing hardening standards and enhancing monitoring.
True or False: 3rd-party providers are monitored by issuers. - ✔️✔️False. Organizations
should develop and implement processes to monitor the compliance status of their service
providers to determine whether a change in status requires a change in the relationship.
True or False: Organizations should evolve their controls with the threat landscape,
changes in the organization's structure, new business initiatives, and changes in business
processes and technologies. - ✔️✔️True. Evolving security reduces the negative impact on
an organization's security posture.