How should non-console administrative access be protected?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the PCI Data Security Standard Test with our quiz. Use flashcards and multiple-choice questions to learn each concept. Get ready to excel in your examination!

Multiple Choice

How should non-console administrative access be protected?

Explanation:
Protect remote administrative sessions by ensuring they are encrypted in transit with strong cryptography. Non-console administrative access refers to management performed over the network (not direct physical console), so protecting those sessions prevents eavesdropping, tampering, and credential theft. The best approach is to encrypt all non-console admin access using strong methods such as SSH for remote command access, VPN to create secure tunnels, or TLS for web-based management interfaces. TLS is the modern standard for securing such traffic, and SSH and VPN provide robust, proven means to protect different types of admin sessions. Using SSL alone is outdated and insufficient, and not encrypting non-console access leaves sensitive admin activity exposed. Encrypting only console access misses remote management paths, so that option would fail to protect the actual admin channels used in practice.

Protect remote administrative sessions by ensuring they are encrypted in transit with strong cryptography. Non-console administrative access refers to management performed over the network (not direct physical console), so protecting those sessions prevents eavesdropping, tampering, and credential theft. The best approach is to encrypt all non-console admin access using strong methods such as SSH for remote command access, VPN to create secure tunnels, or TLS for web-based management interfaces. TLS is the modern standard for securing such traffic, and SSH and VPN provide robust, proven means to protect different types of admin sessions. Using SSL alone is outdated and insufficient, and not encrypting non-console access leaves sensitive admin activity exposed. Encrypting only console access misses remote management paths, so that option would fail to protect the actual admin channels used in practice.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy