The lockout duration is a minimum of 2 hours.

Prepare for the PCI Approved Scanning Vendor (ASV) Test. Study with flashcards, multiple choice questions, hints, and explanations. Get exam ready!

Multiple Choice

The lockout duration is a minimum of 2 hours.

Explanation:
Lockout duration after failed login attempts is governed by an organization’s security policy, not by a fixed PCI DSS requirement. PCI DSS does not specify a minimum lockout time, so stating that it must be a minimum of 2 hours is not correct. The standard requires protections against brute-force access, but the exact duration is up to the organization’s policy and risk considerations, which can vary widely from short intervals to longer periods. In practice, you should ensure there is a functioning lockout mechanism after several failed attempts, but the duration itself is not mandated to be 2 hours.

