SAQ C

1.

5 points

1.2.1(a)
Is inbound and outbound traffic restricted to that which is necessary for the cardholder data environment, and are the restrictions -----------?

Fill in the blank

noted

documented

denied

restricted

2.

5 points

SNMP stands for?

Simple Network Montering Protocol

Scientific Network Motion Program

Simple Network Management Protocol

Simple Network Management Paging

3.

5 points

5.2(d) Are all anti-virus mechanisms generating audit logs, and are logs retained in accordance with PCI DSS Requirement 10.7?

How long must audit logs be retained?

10 Years

3 Months

1 Month

1 Year

4.

5 points

A DMZ is?

An 80's rap group, Run DMZ

A setting on your firewall that deny's internet traffic

It can be used to detect unauthorized wireless access points, it will alert a network admin when an intrusion has been detected

a buffer zone that separates the Internet and your private LAN.

5.

5 points

What is inbound Internet traffic?

Traffic going out of your network

Email

Remote Administration

Traffic going into your network

6.

5 points

I log into a virtual terminal to process payments. HTTPS and a lock icon appear in the browser after I log in.

Is my connection secure?

Yes

No

7.

5 points

Select two known Certificate Authorities

Go Daddy

OpenSSL

Verisign

Sysnet Global Solutions

8.

5 points

4.1 Use strong cryptography and security protocols such as SSL/TLS or IPSEC to safeguard sensitive cardholder data during transmission over open, public networks.

What is an open, public network?

General Packet Radio Service (GPRS)

Global System for Mobile communications (GSM)

Wireless technologies

All of the above

9.

5 points

11.1(c) Is the process to identify unauthorized wireless access points performed at least quarterly for all system components and facilities?

My router does not have wireless capabilities. Do I need to do this?

Yes

No

10.

5 points

5.1.1 Ensure that all anti-virus programs are capable of detecting, removing, and protecting against all known types of malicious software.

My Windows 7 computer is on our LAN, but cannot access the internet. Am I required to have anti-virus?

No

Yes

11.

5 points

Select the most secure wireless encryption protocol

WPA2

WEP

WPA

PEAP

12.

5 points

1.3.3 Are direct connections prohibited for inbound or outbound traffic between the Internet and the cardholder data environment?

This can be implemented using the following:

DMZ

Stateful Inspection

IP filtering

Firewall

13.

5 points

An internal vulnerability scan MUST be performed by an ASV?

True

False

14.

5 points

12.3.8 Automatic disconnect of sessions for remote-access technologies after a specific period of inactivity?

What time should the automatic disconnect be set at?

5 Minutes

10 Minutes

15 Minutes

30 Minutes

15.

5 points

When transmitting sensitive data through the Internet, SSL provides:

Encryption and Authentication

I.P. based access only

Encryption Only

Authentication Only

16.

5 points

1.3.6 Is stateful inspection, also known as dynamic packet filtering, implemented (that is, only established connections are allowed into the network)?

Stateful Inspection is performed by?

Firewall

Router

Terminal

Computer

17.

5 points

An IPS that does not allow the external vulnerability scan to enter the targeted network results in a pass

True

False

18.

5 points

Employee owned devices on the CDE network should have which of the following installed?

Anti-Virus

IPS/IDS

Firewall

19.

5 points

Creating a wireless ___ for public access to your network can help protect sensitive network resources.

SSH

Demilitarized Zone (DMZ)

Proxy

VLAN

20.

5 points

11.1(a)
Is a documented process implemented to detect and identify wireless access points on a quarterly basis?

Which of the following can be used to detect wireless access points?

Wireless analyser

Wi-Fi hotspot

Network analyser

SNMP Trap