Which statement about 10.1 audit trails is correct?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the PCI DSS Test with detailed questions and explanations. Use flashcards and quizzes to enhance knowledge. Ensure you're ready for your certification exam!

Multiple Choice

Which statement about 10.1 audit trails is correct?

Explanation:
Auditing in PCI DSS is about capturing who did what and when, so you can reconstruct events and detect unauthorized activity. For the 10.1 area, the requirement is that audit trails are enabled and actively maintained on all system components and that access to those components is linked to individual users. This combination provides accountability and supports forensic analysis by showing exactly which user performed which action at a given time. That’s why this statement is the best fit: it reflects both the need for enabled, ongoing logs across all components and the importance of tying those actions to specific user identities. It isn’t optional, it isn’t limited to file servers, and logs shouldn’t be disabled during off-hours—continuous, user-linked auditing is essential for effective monitoring and incident response.

Auditing in PCI DSS is about capturing who did what and when, so you can reconstruct events and detect unauthorized activity. For the 10.1 area, the requirement is that audit trails are enabled and actively maintained on all system components and that access to those components is linked to individual users. This combination provides accountability and supports forensic analysis by showing exactly which user performed which action at a given time.

That’s why this statement is the best fit: it reflects both the need for enabled, ongoing logs across all components and the importance of tying those actions to specific user identities. It isn’t optional, it isn’t limited to file servers, and logs shouldn’t be disabled during off-hours—continuous, user-linked auditing is essential for effective monitoring and incident response.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy