Exam PT0-002 topic 1 question 215 discussion

To be PCI compliant you need to do Network segmentation but, BUT in the question it is said that we already come from another network.. hmm

The BEST control to protect customer data like credit card numbers for PCI compliance is: B. Network segmentation Network segmentation isolates different parts of the network. In this case, ideally, the customer information folder should be placed in a separate network segment with stricter access controls. This would make it much harder for an attacker who has breached one part of the network (like the penetration tester) to access the sensitive data in another segment. PCI DSS (Payment Card Industry Data Security Standard) specifically requires that organizations implement network segmentation to isolate the cardholder data environment (CDE) from the rest of the network. This helps to ensure that even if an attacker gains access to a system on the network, they wouldn't have easy access to the sensitive credit card data.

The term "another part of the network" here may very well mean separate VLANs. However, it's important to consider that network segmentation can be achieved through various methods beyond VLANs. For example, organizations can use physical network segmentation (e.g., separate physical networks), subnetting, firewall rules, or access control lists (ACLs) to segment their networks.

This is on another question. I can't remember which one, but it's the same answer basically.

To be PCI compliant and protect sensitive customer information such as addresses, phone numbers, and credit card numbers, the company should have implemented B. Network segmentation.

B is correct

bbbbbbbbbb