Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

PCI Exam QSA_New_V4 Topic 5 Question 1 Discussion

Actual exam question for PCI's QSA_New_V4 exam
Question #: 1
Topic #: 5
[All QSA_New_V4 Questions]

An LDAP server providing authentication services to the cardholder data environment is_____________?

Show Suggested Answer Hide Answer
Suggested Answer: A

Scope of PCI DSS:

PCI DSS applies to all systems that store, process, or transmit cardholder data (CHD), as well as systems that can impact the security of the CDE. An LDAP server providing authentication services is considered a connected system that could impact the security of CHD and is therefore in scope.

Clarifications on Scope:

Systems like LDAP servers that do not directly handle CHD but provide critical services to the CDE (e.g., authentication) are in scope for PCI DSS.

Invalid Options:

B/C/D: Scoping is not limited to direct storage, processing, or transmission of CHD but includes systems that could affect the CDE's security.


by Galen at Feb 09, 2025, 10:33 PM

Limited Time Offer

25%

Off

Get Premium QSA_New_V4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Asha
2 months ago
C is the clear winner here. If the LDAP server isn't handling cardholder data, why would it be in scope for PCI compliance? Seems like a no-brainer to me.
upvoted 0 times
Tonja
19 days ago
D) in scope only if it provides authentication services to systems in the DMZ.
upvoted 0 times
...
Detra
22 days ago
C) in scope only if it stores, processes or transmits cardholder data.
upvoted 0 times
...
Osvaldo
25 days ago
B) not In scope for PCI DSS.
upvoted 0 times
...
Layla
1 months ago
C is the clear winner here. If the LDAP server isn't handling cardholder data, why would it be in scope for PCI compliance? Seems like a no-brainer to me.
upvoted 0 times
...
Desiree
1 months ago
A) in scope for PCI DSS.
upvoted 0 times
...
Melissa
1 months ago
A) in scope for PCI DSS.
upvoted 0 times
...
...
Christoper
2 months ago
But what if it only provides authentication services to systems in the DMZ? Would it still be in scope?
upvoted 0 times
...
Aaron
2 months ago
Haha, good thing I don't have to worry about PCI DSS in my job as a professional cat herder. But for those of you who do, C seems like the way to go.
upvoted 0 times
Kayleigh
2 months ago
C) in scope only if it stores, processes or transmits cardholder data.
upvoted 0 times
...
Deangelo
2 months ago
A) in scope for PCI DSS.
upvoted 0 times
...
...
Geraldo
2 months ago
I think it makes sense for it to be in scope, as it plays a crucial role in securing sensitive data.
upvoted 0 times
...
Nu
2 months ago
An LDAP server providing authentication services to the cardholder data environment is in scope for PCI DSS.
upvoted 0 times
...
Tarra
2 months ago
I think the correct answer is C. The LDAP server is only in scope if it's directly involved with cardholder data, otherwise it's not relevant to PCI DSS.
upvoted 0 times
Freeman
1 months ago
D) in scope only if it provides authentication services to systems in the DMZ.
upvoted 0 times
...
Evan
1 months ago
C) in scope only if it stores, processes or transmits cardholder data.
upvoted 0 times
...
Alberta
1 months ago
B) not In scope for PCI DSS.
upvoted 0 times
...
Rikki
2 months ago
A) in scope for PCI DSS.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77