🔥 3-day streak
CompTIA SecurityX (CAS-005)67 / 120
Question 67 of 120
A retail organization processes credit card payments through an in-house web application that stores full cardholder data in its database. During a PCI DSS assessment, the QSA notes the entire corporate network is currently in scope because the payment application shares network segments with general business systems. The CISO wants to reduce the cost and complexity of maintaining compliance for the next assessment cycle. Which approach would MOST effectively reduce the PCI DSS scope while maintaining the ability to accept card payments?
Reviewed for accuracy · Report an issueNext question