
350-201(NEW-127Q) Question #20: Real Exam Question with Answer & Explanation


Data Protection and Compliance

Question

The organization that provides payment processing services is working on contracts with multiple banks. The organization has four branches with public and internal networks and two data centers across the city. Data centers where cardholder data resides can be accessed only by internal employees. The newly hired CISO of the organization must evaluate data security and provide recommendations to protect sensitive data. Which two recommendations must the CISO provide? (Choose two.)

Options

  • A. Encrypt cardholder data using industry-accepted algorithms (truncated, tokenized, or hashed).
  • B. Restrict physical access to cardholder data, use surveillance or electronic access controls to monitor entry and exit points of physical locations.
  • C. Store the magnetic strips and chip-sensitive data for auditing purposes and document the storage locations with strict access control and executive approvals.
  • D. Document the process model used for data protection and implement a common approach for everyone in an organization.
  • E. Assign responsibilities, agree on objectives with executive management to measure performance, and draw interrelationships with other processes.


Topics

#PCI DSS compliance #Data encryption #Physical access controls #Cardholder data protection