Req 2.2.3 focuses on securing insecure services. Which approach reflects this requirement?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the PCI DSS Test with detailed questions and explanations. Use flashcards and quizzes to enhance knowledge. Ensure you're ready for your certification exam!

Multiple Choice

Req 2.2.3 focuses on securing insecure services. Which approach reflects this requirement?

Explanation:
Securing insecure services means replacing or protecting protocols that send data in the clear with encrypted, authenticated alternatives. In practice, that means using secure technologies such as SSH for remote administration, TLS to encrypt communications for services that support it, or IPSec to protect IP traffic. These options prevent eavesdropping, tampering, and credential theft by ensuring data is encrypted in transit and that endpoints can verify each other. The best choice reflects this approach by promoting secure technologies to shield services that would otherwise transmit sensitive information unprotected. In contrast, continuing to use insecure protocols (like Telnet or unencrypted FTP) or removing security measures altogether would leave cardholder data exposed and fail to meet the requirement.

Securing insecure services means replacing or protecting protocols that send data in the clear with encrypted, authenticated alternatives. In practice, that means using secure technologies such as SSH for remote administration, TLS to encrypt communications for services that support it, or IPSec to protect IP traffic. These options prevent eavesdropping, tampering, and credential theft by ensuring data is encrypted in transit and that endpoints can verify each other.

The best choice reflects this approach by promoting secure technologies to shield services that would otherwise transmit sensitive information unprotected. In contrast, continuing to use insecure protocols (like Telnet or unencrypted FTP) or removing security measures altogether would leave cardholder data exposed and fail to meet the requirement.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy