Which PCI DSS requirement addresses protecting stored cardholder data?

Multiple Choice

Which PCI DSS requirement addresses protecting stored cardholder data?

Explanation:
The question concerns protecting cardholder data while it is stored. PCI DSS has a requirement dedicated to safeguarding stored cardholder data, which covers encrypting data at rest, masking or truncating the PAN when displayed, limiting how long data is retained, and using strong cryptographic key management. This item asks for that targeted protection of data at rest, rather than protections for data in transit, policy for personnel, or activity logging. Those other areas address different parts of the data lifecycle (transmission security, governance, and monitoring), while this one specifically ensures that stored cardholder data is protected.
