What are some options, according to PCI DSS, to protect external-facing Web applications from known attacks?
To perform a PCI DSS compliance audit on your e-commerce Web site, what should you incorporate into Requirement #6, “Develop and Maintain Secure Systems & Applications”?
What do you recommend this organization implement for privacy data storage in long-term data storage devices?
Answer1:
· Having all custom application code reviewed for common vulnerabilities by a corporation that focuses on application security.
· Installing an application-layer firewall in front of Web-facing applications.
Answer2:
· Code reviews mean that someone or something looks through your source code to find vulnerabilities. Services like this can be pricey but can identify both security vulnerabilities in your code and poor cryptography practices.
· Web vulnerability assessments take the perspective of an outside attacker trying to pull data from your system. They are typically quicker than a typical code review since the only areas of the site they check are externally facing. All of the backend code that may pull down pricelists from the web, retrieve stock quotes, update figures, etc. will likely not be seen during this assessment. This allows for a narrow focus on what is vulnerable and tests what is expected to be attacked.
Answer3:
Knowledge is effective. Encryption is right for short-term data storage. For long-term data storage, physical security is preferred over encryption.