How should authentication credentials be protected during transmission and storage according to the policy?

Study for the PCI Data Security Standard Exam. Master your knowledge with interactive flashcards and multiple-choice questions, each with hints and explanations. Prepare confidently for your certification test!

Multiple Choice

How should authentication credentials be protected during transmission and storage according to the policy?

Explanation:
Protecting authentication credentials requires that they are safeguarded both in transit and at rest, using strong cryptography. This means sending credentials over secure channels (like TLS with up-to-date ciphers) and storing them in a way that makes them unreadable to unauthorized actors—typically by using strong encryption with proper key management or by storing secure password hashes with proper salting. This dual protection greatly reduces the risk of credential theft whether an attacker intercepts communications or breaches storage. Only protecting them during transmission leaves the stored credentials vulnerable. Storing credentials in plaintext, even on protected servers, is unsafe. Relying on obfuscation for storage is insufficient because obfuscation can be reversed and does not provide real cryptographic security.

