EC-Council

312-50V9 · Question #309

312-50V9 Question #309: Real Exam Question with Answer & Explanation

The correct answer is B: Use encryption to protect all transmission of card holder data over any public network. Encrypting cardholder data in transit is a strict PCI DSS mandate, not a loose recommendation, and the other three choices each map directly to named PCI DSS requirements.

Question

What is not a PCI compliance recommendation?

Options

  • A. Limit access to card holder data to as few individuals as possible.
  • B. Use encryption to protect all transmission of card holder data over any public network.
  • C. Rotate employees handling credit card transactions on a yearly basis to different departments.
  • D. Use a firewall between the public network and the payment card data.

Explanation

Encrypting cardholder data in transit is a strict PCI DSS mandate, not a loose recommendation, and the other three choices each map directly to named PCI DSS requirements.

Common mistakes.

  • A. Limiting access to cardholder data on a need-to-know basis is explicitly required by PCI DSS Requirement 7 - Restrict access to system components and cardholder data by business need to know.
  • C. Rotating employees handling card transactions aligns with PCI DSS Requirement 12 personnel management controls, which address separation of duties, background checks, and role-based oversight of staff with cardholder data access.
  • D. Placing a firewall between the public network and payment card data is explicitly mandated by PCI DSS Requirement 1, which requires installation and maintenance of network security controls to protect the cardholder data environment.

Concept tested. PCI DSS requirements identification and scope

Reference. https://www.pcisecuritystandards.org/document_library/
