Which item must be included in the documented crypto architecture for CHD protection?


Multiple Choice

Which item must be included in the documented crypto architecture for CHD protection?

Explanation:
Documenting the exact cryptographic controls used to protect CHD, including which algorithms and protocols are employed and how keys are managed, is what this item requires. This ensures there is a clear, auditable record of how CHD is encrypted or protected in transit and at rest, and how the cryptographic keys are generated, stored, rotated, and retired. Knowing the key strength and expiry date is essential because it shows that keys are robust against attack and that they are periodically refreshed to maintain security over time. Including a list of employees who handle keys is more about access control than the cryptographic mechanism itself, and a network diagram of the data center, while useful for overall security, does not specify the cryptographic controls protecting CHD. A legal compliance checklist addresses regulatory requirements at a higher level, not the concrete details of the cryptographic architecture used to protect CHD.

