Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 46

A company launched an e-commerce website with multiple points of sale through internal and external e-stores. Customers access the stores from the public website, and employees access the stores from the intranet with an SSO. Which action is needed to comply with PCI standards for hardening the systems?

Answer options

• A. Mask PAN numbers
• B. Encrypt personal data
• C. Encrypt access
• D. Mask sales details

Correct answer: A

Explanation

Masking PAN numbers is essential for PCI compliance as it protects sensitive payment data from unauthorized access. While encrypting personal data and securing access are important for overall security, they do not specifically address the handling of cardholder data as directly as masking PAN numbers. Masking sales details does not meet the PCI requirement for protecting payment information.