Which requirement specifies maintaining strict control over the storage and accessibility of media?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the PCI Data Security Standard Exam. Master your knowledge with interactive flashcards and multiple-choice questions, each with hints and explanations. Prepare confidently for your certification test!

Multiple Choice

Which requirement specifies maintaining strict control over the storage and accessibility of media?

Explanation:
The main idea here is controlling who can access media and where it is kept. In PCI DSS, you must protect any media that contains cardholder data by enforcing strict access controls and secure storage, as part of the media lifecycle management. This means only authorized individuals should be able to handle or reach stored media, and it should be kept in secure locations when not in use. That direct focus on limiting access and securing storage is why this option is the best fit. Other choices relate to related practices but don’t pin down this specific control: keeping an inventory helps with asset management, and encryption at rest protects data if media is accessed, but neither alone establishes the mandatory restriction on access to stored media. Stating that access is not restricted contradicts the security requirement.

The main idea here is controlling who can access media and where it is kept. In PCI DSS, you must protect any media that contains cardholder data by enforcing strict access controls and secure storage, as part of the media lifecycle management. This means only authorized individuals should be able to handle or reach stored media, and it should be kept in secure locations when not in use. That direct focus on limiting access and securing storage is why this option is the best fit.

Other choices relate to related practices but don’t pin down this specific control: keeping an inventory helps with asset management, and encryption at rest protects data if media is accessed, but neither alone establishes the mandatory restriction on access to stored media. Stating that access is not restricted contradicts the security requirement.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy