Recent

  • Show all results for ""
quiz image

Password and Access Control Policy Document Overview

CommendableRuby avatar
CommendableRuby
·
·
Download

Start Quiz

Study Flashcards Play Quiz

Questions and Answers

Is the document a draft version 0.1 of the Password and Access Control Policy?

True

Does the policy apply to all systems and assets owned, managed, or operated by the company?

True

Are passwords required to be at least 8 characters long and include upper and lower case letters, numbers, and special characters?

True

Is password history maintained for at least 4 passwords?

<p>True</p> Signup and view all the answers

Is password lockout set to 6 attempts with a duration of 30 minutes?

<p>True</p> Signup and view all the answers

Should remote access to the cardholder network utilize two-factor authentication?

<p>True</p> Signup and view all the answers

Are violations of the policy subject to disciplinary action, including termination of employment?

<p>True</p> Signup and view all the answers

Is deviation from the policy allowed only with a valid business case reviewed and approved by the Security Management Team and/or Legal Counsel?

<p>True</p> Signup and view all the answers

Does the document reference the Payment Card Industry Data Security Standard (PCI DSS)?

<p>True</p> Signup and view all the answers

Study Notes

Password and Access Control Policy Document

  • The document is a draft version 0.1 of the Password and Access Control Policy.
  • It outlines roles and responsibilities for HR, Information Security Manager, and Systems Administrators.
  • The policy applies to all systems and assets owned, managed, or operated by the company.
  • User authentication is based on business needs and the principle of least privilege.
  • Different authentication mechanisms are specified for various access points like operating systems, web applications, email, and voice.
  • Passwords must be at least 8 characters long and include upper and lower case letters, numbers, and special characters.
  • Password history is maintained for at least 4 passwords, and password lockout is set to 6 attempts with a duration of 30 minutes.
  • Remote access to the cardholder network should utilize two-factor authentication.
  • Vendors' remote access accounts should be monitored and changed regularly.
  • Violations of the policy may result in disciplinary action, including termination of employment.
  • Deviation from the policy is allowed only with a valid business case reviewed and approved by the Security Management Team and/or Legal Counsel.
  • The document references the Payment Card Industry Data Security Standard (PCI DSS).

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Get started for free
Quiz Team

More Quizzes Like This

Password and Access Control Policy
9 questions

Password and Access Control Policy

CommendableRuby avatar
CommendableRuby
Password and Access Control Policy Document Overview
9 questions

Password and Access Control Policy Document Overview

CommendableRuby avatar
CommendableRuby
Password and Access Control Policy Document Overview
9 questions

Password and Access Control Policy Document Overview

CommendableRuby avatar
CommendableRuby
Password and Access Control Policy Document Overview
9 questions

Password and Access Control Policy Document Overview

CommendableRuby avatar
CommendableRuby
Use Quizgecko on...
Browser
Open
Browser
Browser