PCI SSC QSA_New_V4 Exam With Confidence Using Practice Dumps

Requirement 10.5.1.1requires thataudit logs be protected from unauthorised viewing and modification, and access should berestricted to individuals with a job-related need to view them. This principle aligns with least privilege and ensures accountability.

Option A:❌Incorrect. The person who performed the action may not need to view logs.

Option B:❌Incorrect. Read/write access istoo permissive.

Option C:❌Incorrect. Not all administrators need access to logs.

Option D:✅Correct. Access should bebased on job function.

Requirement 4.2.1.1states that PAN must beprotected with strong cryptographywhenever transmitted overopen or public networks, includingprivate wirelesswhere security is not assured. While not allprivate wired networksrequire encryption,wirelessis generally considered untrusted.

Option A:✅Correct. PAN must be encrypted overprivate wireless networksdue to potential interception risks.

Option B:❌Incorrect. Privatewirednetworks typically don’t require encryption unless they’re untrusted.

Option C & D:❌Incorrect. PANalways requires protectionover public networks.

UnderAppendix D – Customized Approach, it is clearly stated that theentity is responsiblefor completing theControls Matrixand theTargeted Risk Analysis (TRA). The assessor may assist in completion, but accountability for content lies with the entity.

Option A:Incorrect. QSAs may assist but are not solely responsible.

Option B:Incorrect. This overstates who is responsible; only the entity is ultimately accountable.

Option C:Correct. The entity being assessed is responsible for completing the Controls Matrix and TRA.

Option D:Incorrect. Card brands or acquirers are not involved in document creation.