A retail merchant has a server room containing systems that store encrypted PAN data. The merchant has implemented a badge access-control system that identifies who entered and exited the room, on what date, and at what time. There are no video cameras located in the server room. Based on this information, which statement is true regarding PCI DSS physical security requirements?
Physical Security Requirements:
PCI DSS Requirement 9.1.1 mandates that physical access control systems (like badge readers) must be protected against tampering or disabling to ensure continuous security.
Current Implementation:
The merchant's badge access-control system provides essential logging of access events but must also be protected against tampering to comply with PCI DSS.
Invalid Options:
B: Video cameras are recommended but not explicitly required if access controls effectively ensure security.
C: Secure deletion of access-control logs is not a PCI DSS requirement; logs must be retained as per retention policies.
D: Motion-sensing alarms are not mandatory under PCI DSS physical security requirements.