When working in the Payment Card Industry (PCI), how often should security logs be review to comply with the standards?

SQL injection is a very popular and successful injection attack method. Identify the basic SQL injection text:

Which of the following functions implements and oversees the use of controls to reduce risk when creating an information security program?

SCENARIO: Critical servers show signs of erratic behavior within your organization's intranet. Initial information indicates the systems are under attack from an outside entity. As the Chief Information Security Officer (CISO), you decide to deploy the Incident Response Team (IRT) to determine the details of this incident and take action according to the information available to the team.
What phase of the response provides measures to reduce the likelihood of an incident from recurring?

What role should the CISO play in properly scoping a PCI environment?