QSA_New_V4 Exam Dumps : Qualified Security Assessor V4 Exam

Requirement 10.5.1.1requires thataudit logs be protected from unauthorised viewing and modification, and access should berestricted to individuals with a job-related need to view them. This principle aligns with least privilege and ensures accountability.

Option A:❌Incorrect. The person who performed the action may not need to view logs.

Option B:❌Incorrect. Read/write access istoo permissive.

Option C:❌Incorrect. Not all administrators need access to logs.

Option D:✅Correct. Access should bebased on job function.

 Testing with Live PANs

PCI DSS Requirement 6.4.3 requires that live PANs (Primary Account Numbers) only be used in secure and controlled environments within the CDE.

Pre-production environments located within the CDE must adhere to all PCI DSS requirements for security and monitoring​​.

 Prohibited Uses

Testing with live PANs in environments outside the CDE violates PCI DSS. Only simulated data should be used in less secure testing environments.

 Incorrect Options

Option A: Production environments are for real transactions, not testing.

Option B: Test environments outside the CDE are insecure for live PANs.

Option D: The QSA environment is irrelevant to the organization’s CDE testing controls.

PerRequirement 10.6.1, PCI DSS mandates that time-synchronization technology be used, andsystems must be synchronized to a central time serverthat itself receives time from an approved external source. This ensures logs can be accurately correlated.

Option A:Incorrect. Time inconsistency arises if each system operates independently.

Option B:Incorrect. Time configuration must berestricted to authorised personnel only.

Option C:Correct. Time should be sourced from a centralised server which is in sync with reliable external sources.

Option D:Incorrect. Each system peering independently can cause inconsistencies.