The PCI DSS establishes security measures for protecting cardholder data. While updating antivirus software is a security best practice, it is not an access control requirement under PCI DSS.
Option A (Restrict physical access to cardholder data) is required to prevent unauthorized access.
Option C (Assign a unique ID to each person with computer access) is required to track user actions.
Option D (Restrict access to cardholder data by business need-to-know) ensures only authorized individuals access sensitive information.
Option B (Update antivirus software before granting access) is a security measure but is not classified as an access control requirement under PCI DSS.
[Reference:PCI DSS Official Documentation, Requirement 8: Identify and Authenticate Access to System Components., , ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit