Which PCI DSS requirement addresses protecting stored cardholder data?

Study for the PCI Data Security Standard Test. Utilize flashcards and multiple-choice questions, each offering hints and detailed explanations. Prepare thoroughly for your exam and ensure compliance with PCI DSS!

Multiple Choice

Which PCI DSS requirement addresses protecting stored cardholder data?

Explanation:
This question is about protecting cardholder data while it is stored. PCI DSS has a requirement dedicated to safeguarding stored cardholder data, which covers encrypting data at rest, masking or truncating PAN when displayed, limiting how long data is retained, and using strong cryptographic key management. This targeted protection of data at rest is what this item asks for, rather than protections for data in transit, policy for personnel, or activity logging. The other areas address different parts of the data lifecycle (transmission security, governance, and monitoring), while this one specifically ensures that stored cardholder data is protected.

