Which technique is not a PCI requirement but is considered a best practice for limiting the cardholder data environment (CDE) from the remainder of a corporate network?
A.
Limit inbound connections to the CDE while allowing all outbound connections originating from the CDE.
B.
Establishing wired network segmentation between the CDE and the rest of the corporate network.
C.
Implementing identical firewall rules between corporate and CDE egress points.
D.
Incorporate the CDE within the corporate network's established Demilitarized Zone (DMZ).
I’m going with D because the others are clearly non-starters.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.500-220 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
boxafrica
6 days, 16 hours ago