Which item is a requirement for protecting keys used to encrypt CHD?


Multiple Choice

Which item is a requirement for protecting keys used to encrypt CHD?

Explanation:
Access to encryption keys used to protect cardholder data must be restricted to the fewest custodians necessary. Limiting who can access keys follows the principle of least privilege and supports separation of duties, reducing the risk of both insider and external compromise. Keeping keys tightly controlled is a fundamental part of PCI DSS key management. The other described practices—storing keys with data keys, making key-encrypting keys weaker than data keys, or storing keys publicly for recovery—would weaken security and are not appropriate.

