Which technique is most effective for permanently removing systems from PCI DSS scope?
-
A
Encrypting all cardholder data stored on those systems
-
B
Applying strong access controls to limit who can view the data
-
C
Eliminating the storage, processing, and transmission of cardholder data on those systems
-
D
Using tokenization to replace card data with a token that is also stored on the system