New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Pearson Assessor_New_V4 New Attempt

Assessor_New_V4 Exam Questions and Answers

Question 9

Which of the following is true regarding internal vulnerability scans?

Options:

A.

They must be performed after a significant change

B.

They must be performed by an Approved Scanning Vendor (ASV)

C.

They must be performed by QSA personnel

D.

They must be performed at least annually

Question 10

A network firewall has been configured with the latest vendor security patches What additional configuration is needed to harden the firewall?

Options:

A.

Remove the default 'Firewall Administrator account and create a shared account for firewall administrators to use.

B.

Configure the firewall to permit all traffic until additional rules are defined

C.

Synchronize the firewall rules with the other firewalls m the environment

D.

Disable any firewall functions that are not needed in production

Question 11

Which of the following types of events is required to be logged?

Options:

A.

All use of end-user messaging technologies

B.

All access to external web sites

C.

All access to all audit trails

D.

All network transmissions

Question 12

Which statement about the Attestation of Compliance (AOC) is correct?

Options:

A.

There are different AOC templates for service providers and merchants

B.

The AOC must be signed by both the merchant/service provider and by PCI SSC

C.

The same AOC template is used for ROCs and SAQs

D.

The AOC must be signed by either the merchant service provider or the QSA'ISA