Certified Ethical Hacker (CEH v13) — Question 214

Bill has been hired as a penetration tester and cyber security auditor for a major credit card company.
Which information security standard is most applicable to his role?

Answer options

Correct answer: D

Explanation

The correct answer is PCI-DSS, the security standard that specifically applies to organizations that handle credit card transactions. FISMA pertains to federal information systems, Sarbanes-Oxley focuses on financial reporting, and HITECH relates to healthcare data, so they are less relevant to Bill's role in the credit card industry.