10.2.5 requires tracking of which items?

Study for the PCI Data Security Standard Exam. Master your knowledge with interactive flashcards and multiple-choice questions, each with hints and explanations. Prepare confidently for your certification test!

Multiple Choice

10.2.5 requires tracking of which items?

Explanation:
Tracking changes to authentication methods and privileged accounts is what this requirement focuses on. It means you must log the use of and changes to authentication mechanisms (such as adjustments to password policies, the introduction or modification of multi-factor authentication, or other methods used to prove identity), and you must record all changes, additions, or deletions to accounts that have root or other administrative privileges, including creation of new accounts and any elevation of privileges. This visibility is essential because it captures who gained access, how they gained it, and whether those steps align with policy. By keeping detailed, reviewable logs of who did what, when, and to which account, you can detect unauthorized account creation, privilege escalation, or alterations to authentication controls, which are common attack paths. While password resets, changes to user roles, or admin login attempts are relevant events, they do not alone satisfy the broader requirement to monitor both authentication mechanism changes and all privileged-account changes.

