nerdexam
EC-Council

312-50V10 · Question #396

Which of the following guidelines or standards is associated with the credit card industry?

The correct answer is D. Payment Card Industry Data Security Standards (PCI DSS). PCI DSS is the security standard specifically created by the payment card industry to protect cardholder data across organizations that store, process, or transmit credit card information.

Information Security and Ethical Hacking Fundamentals

Question

Which of the following guidelines or standards is associated with the credit card industry?

Options

  • AControl Objectives for Information and Related Technology (COBIT)
  • BSarbanes-Oxley Act (SOX)
  • CHealth Insurance Portability and Accountability Act (HIPAA)
  • DPayment Card Industry Data Security Standards (PCI DSS)

How the community answered

(14 responses)
  • C
    7% (1)
  • D
    93% (13)

Why each option

PCI DSS is the security standard specifically created by the payment card industry to protect cardholder data across organizations that store, process, or transmit credit card information.

AControl Objectives for Information and Related Technology (COBIT)

COBIT is an IT governance framework published by ISACA focused on aligning IT processes with business goals, not specific to the credit card industry.

BSarbanes-Oxley Act (SOX)

Sarbanes-Oxley Act (SOX) is a US federal law focused on financial reporting accuracy and corporate accountability for publicly traded companies, not payment card data.

CHealth Insurance Portability and Accountability Act (HIPAA)

HIPAA is a US federal law governing the privacy and security of protected health information in the healthcare industry, unrelated to credit card data.

DPayment Card Industry Data Security Standards (PCI DSS)Correct

Payment Card Industry Data Security Standards (PCI DSS) was developed by major card brands including Visa, Mastercard, and American Express through the PCI Security Standards Council. It defines 12 core requirements covering network security, access control, encryption, and monitoring specifically to protect cardholder data environments. Compliance is mandatory for any entity that handles payment card transactions.

Concept tested: Industry-specific compliance standards - PCI DSS

Source: https://www.pcisecuritystandards.org/document_library/

Topics

#PCI DSS#compliance standards#credit card security#regulatory

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice