Which statement is NOT an acceptable form for storing secret and private keys used to encrypt/decrypt cardholder data?

Multiple Choice

Which statement is NOT an acceptable form for storing secret and private keys used to encrypt/decrypt cardholder data?

Explanation:
PCI DSS Requirement 3.5.3 (v3.2.1; 3.6.1.2 in v4.0) allows secret and private keys used to encrypt/decrypt cardholder data to be stored, at all times, only in one or more of the following forms: encrypted with a key-encrypting key (KEK) that is at least as strong as the data-encrypting key and that is stored separately from it; within a secure cryptographic device such as an HSM or a PTS-approved point-of-interaction device, which provides tamper resistance and controlled access; or as at least two full-length key components or key shares, held by separate custodians under dual control, in accordance with an industry-accepted method. Storing keys in plaintext on a workstation meets none of these conditions: there is no encryption at rest, no tamper resistance, and no split knowledge, so anyone who compromises that workstation (or simply reads its disk) obtains the key and can decrypt the cardholder data it protects. Therefore, plaintext on a workstation is the form that is NOT acceptable.
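The key-component option above is the one that is easy to get subtly wrong, so here is an added worked example (not part of the original quiz page) of the full-length XOR component method: the key is split into n components of the same length as the key, each component alone is statistically independent of the key, and reconstruction requires every component from a distinct custodian. The `KeyComponent` record, the custodian names and the `PermissionError` checks are assumptions made for illustration, not anything the standard prescribes.

```python
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class KeyComponent:
    """One full-length key component, bound to the custodian who holds it (assumed record shape)."""
    custodian: str
    index: int
    value: bytes


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("key components must be full length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, n: int) -> list[bytes]:
    """Split `key` into n full-length XOR components.

    The first n-1 components are uniformly random; the last is chosen so that
    the XOR of all n equals the key. Any n-1 components together are still
    uniformly random, so fewer than n reveal nothing about the key.
    """
    if n < 2:
        raise ValueError("dual control needs at least two components")
    components = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    last = key
    for component in components:
        last = xor_bytes(last, component)
    return components + [last]


def combine_components(components: list[bytes]) -> bytes:
    """Reassemble the key by XORing every component together."""
    key = bytes(len(components[0]))
    for component in components:
        key = xor_bytes(key, component)
    return key


def assign_custodians(components: list[bytes], custodians: list[str]) -> list[KeyComponent]:
    """Bind each component to a distinct custodian (split knowledge)."""
    if len(custodians) != len(components) or len(set(custodians)) != len(components):
        raise ValueError("each component needs its own distinct custodian")
    return [KeyComponent(c, i, v) for i, (c, v) in enumerate(zip(custodians, components))]


def reconstruct_under_dual_control(records: list[KeyComponent], expected_n: int) -> bytes:
    """Rebuild the key only when all components arrive from distinct custodians."""
    if len(records) != expected_n:
        raise PermissionError("all %d components are required" % expected_n)
    if len({r.custodian for r in records}) != expected_n:
        raise PermissionError("one custodian presented more than one component")
    ordered = sorted(records, key=lambda r: r.index)
    return combine_components([r.value for r in ordered])


if __name__ == "__main__":
    # Constructed sample: a fixed 256-bit data-encrypting key (not a real key).
    dek = bytes(range(32))
    parts = split_key(dek, 2)
    records = assign_custodians(parts, ["alice", "bob"])
    assert reconstruct_under_dual_control(records, 2) == dek
    print("key reconstructed from", len(records), "components held by distinct custodians")
```

A single component of a 32-byte key is itself 32 bytes of uniform randomness, which is why this is acceptable where a plaintext key on a workstation is not: an attacker who steals one custodian's component has gained nothing until the other custodian's component is also obtained. In practice each component would itself be stored encrypted or inside a secure cryptographic device, and the combination step would happen inside an HSM rather than in application memory.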
