What must happen to access for onsite personnel upon termination?


Multiple Choice

What must happen to access for onsite personnel upon termination?

Explanation:

Immediate revocation of access is essential when onsite personnel are terminated. When someone leaves or is terminated, all their credentials—logical (system accounts, VPN, email) and physical (badges, keys, badge readers, alarm codes)—must be disabled or returned right away. This prevents any chance of unauthorized entry or data access and supports a least-privilege approach, which is foundational to protecting cardholder data under PCI DSS.

Why this is the best approach: it closes the security gap as soon as the person no longer has a legitimate role. Keeping access active even for a short period creates a window where misuse could occur, which PCI DSS aims to avoid.

Delaying revocation until a later time, transferring access to someone else, or making it an annual decision would prolong the vulnerability and is not aligned with secure termination practices.
