Req 2.3 requires encrypting non-console admin access using strong cryptography. Which practice demonstrates compliant non-console admin access?


Multiple Choice

Explanation:
Non-console admin access means remote administrative sessions to systems, not physical keyboard and screen access. PCI DSS Req 2.3 requires that these remote sessions be protected with strong cryptography and that insecure login methods be disabled. The best practice shown is to ensure admin access over encrypted channels using strong cryptography and to disable insecure login methods like Telnet, which transmits credentials in plaintext. This aligns with the need to protect admin credentials and prevent eavesdropping or tampering during remote management. The other options fail because Telnet transmits credentials unencrypted, HTTP for admin interfaces is not encrypted by default, and using weak encryption does not meet the “strong cryptography” requirement. Focusing on performance does not satisfy the security requirement.

