SSL/early TLS may be used by POS POI terminals that are verified as not susceptible to known exploits.

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards

From $9.99Unlock all

Prepare for the PCI ASV Test with our in-depth quizzes. Study with realistic scenarios and multiple choice questions equipped with hints and explanations. Ace your certification with confidence!

Multiple Choice

SSL/early TLS may be used by POS POI terminals that are verified as not susceptible to known exploits.

SSL/early TLS is typically discouraged because these protocols have known vulnerabilities and are not suitable for protecting cardholder data in transit. Yet there is a narrowly defined allowance within PCI guidance for POS POI terminals that have been tested and verified as not susceptible to those known exploits. If a device can be demonstrated to be resistant to the identified vulnerabilities and is deployed with appropriate risk controls—such as strong network segmentation, restricted access, and ongoing monitoring—then using SSL/early TLS for that specific terminal can be permitted. This is why the statement is considered true: it states a conditional exception rather than a blanket rule. If a terminal cannot be shown to be not susceptible, then SSL/early TLS would not be allowed.

SSL/early TLS may be used by POS POI terminals that are verified as not susceptible to known exploits.

Prepare for the PCI ASV Test with our in-depth quizzes. Study with realistic scenarios and multiple choice questions equipped with hints and explanations. Ace your certification with confidence!

SSL/early TLS may be used by POS POI terminals that are verified as not susceptible to known exploits.

Get the latest from Examzify