Which wireless control is explicitly prohibited?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the PCI Approved Scanning Vendor (ASV) Test. Study with flashcards, multiple choice questions, hints, and explanations. Get exam ready!

Multiple Choice

Which wireless control is explicitly prohibited?

Explanation:
WEP is the wireless security control that PCI DSS explicitly prohibits because it is fundamentally insecure. WEP uses a weak encryption scheme with a short, fixed initialization vector that can be reused, making it vulnerable to practical attacks that can decrypt traffic and reveal the encryption key. This means wireless transmissions protected only by WEP can be cracked quickly, exposing cardholder data. In contrast, WPA2 with AES (CCMP) provides strong, modern protection and is an accepted standard for securing wireless networks handling payment data. TLS is a separate security protocol used to protect data in transit, not a wireless access control method, so it isn’t the type of wireless control being evaluated here. Open authentication with no encryption offers no protection at all, which PCI also forbids for transmitting sensitive data, but the item specifically points to WEP as the prohibited wireless control.

WEP is the wireless security control that PCI DSS explicitly prohibits because it is fundamentally insecure. WEP uses a weak encryption scheme with a short, fixed initialization vector that can be reused, making it vulnerable to practical attacks that can decrypt traffic and reveal the encryption key. This means wireless transmissions protected only by WEP can be cracked quickly, exposing cardholder data.

In contrast, WPA2 with AES (CCMP) provides strong, modern protection and is an accepted standard for securing wireless networks handling payment data. TLS is a separate security protocol used to protect data in transit, not a wireless access control method, so it isn’t the type of wireless control being evaluated here. Open authentication with no encryption offers no protection at all, which PCI also forbids for transmitting sensitive data, but the item specifically points to WEP as the prohibited wireless control.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy