Which PCI DSS requirement specifies automatic disconnect of remote-access sessions after inactivity?

Multiple Choice

Which PCI DSS requirement specifies automatic disconnect of remote-access sessions after inactivity?

Explanation:
Automatic termination of idle remote-access sessions is a control that reduces the risk of session hijacking by ensuring that a remote connection is closed if no activity occurs for a defined period. In PCI DSS, the remote-access requirements include several controls for securely connecting to the Cardholder Data Environment, and one specific sub-control requires remote sessions to be automatically disconnected after inactivity. This exact idle-timeout measure is what protects systems from unattended or forgotten sessions being exploited. The other remote-access controls focus on authentication, encryption, and secure channels, but they do not specify the idle-disconnect behavior as explicitly.
