Which option lists the correct PCI DSS requirement concerning ASVs performing external vulnerability scans?

Multiple Choice

Which option lists the correct PCI DSS requirement concerning ASVs performing external vulnerability scans?

Explanation:
The key idea is that external vulnerability scans must be done by an Approved Scanning Vendor (ASV) on a regular basis, specifically quarterly, to identify publicly reachable weaknesses in the cardholder data environment. PCI DSS relies on the objectivity and standardization that an ASV provides, ensuring scans are conducted consistently and that remediation can be verified. The correct option reflects this requirement by focusing on external scans performed by an ASV and on a quarterly schedule (with remediation steps and re-testing as needed). The other choices relate to different PCI DSS areas—such as log review or physical security—not to who performs external vulnerability scans.