Question 16
Restrict access to cardholder data by business need-to-know
Question 17
Existing PCI DSS requirements may be combined with new controls to become a compensating control.
Question 18
Identify and authenticate access to system components is the __________
Question 19
Storing track data "long-term" or "persistently" is permitted when
Question 20
PCI DSS Requirement Appendix A is intended for: