PCI DSS Requirements Practice Test

Session length

1 / 20

What should service providers use when remotely accessing each customer environment?

Use The Same Credentials For All Customers

Allow Shared Credentials Across Customer Environments

Different Authentication Credentials For Access To Each Customer

Requiring different authentication credentials for each customer environment ensures proper isolation, accountability, and control. With unique credentials per customer, access can be granted and revoked on a per‑environment basis, and all activity can be traced to the specific customer and user involved. If the same credentials were used across multiple customers or credentials were shared, a compromise could expose many environments at once, making it hard to determine who accessed what and delaying incident response. This approach also supports the PCI DSS need for unique IDs and monitored remote access, often alongside strong authentication, so that privilege and access can be managed precisely per customer. For remote access, using proper credentials (and ideally MFA) rather than no credentials at all is essential to maintain security, auditability, and the integrity of each customer’s environment.

No Credentials Required For Remote Access

Next Question
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy