You are responsible for deploying a critical application onto AWS.
Part of the requirements for this application is to ensure that the controls set for this application meet the Payment Card Industry Data Security Standard (PCI DSS).
Which of the following services can be used to check if AWS is certified as a PCI DSS Service Provider?
A. B. C. D.
Answer - D.
For the PCI DSS-related documentation, please check https://aws.amazon.com/compliance/pci-dss-level-1-faqs/
You can use AWS Artifact to view the compliance documents.
Option D is the correct answer.
The correct answer is D. AWS Artifact.
PCI DSS is a set of security standards established by the Payment Card Industry Security Standards Council to ensure the protection of credit and debit card information. AWS is a PCI DSS Level 1 service provider, which is the highest level of compliance with PCI DSS requirements.
To verify that AWS is compliant with PCI DSS, you can use AWS Artifact, which provides on-demand access to AWS compliance reports and other documentation. AWS Artifact provides the following documents related to PCI DSS compliance:
Attestation of Compliance (AoC): An AoC is a report issued by a Qualified Security Assessor (QSA) that verifies that AWS complies with all the requirements of the PCI DSS. AWS provides a current AoC for its PCI DSS compliance on AWS Artifact.
Responsibility Summary: A Responsibility Summary is a document that outlines the shared responsibility model between AWS and its customers for PCI DSS compliance. It specifies which security controls are the responsibility of AWS, and which are the responsibility of the customer.
Report on Compliance (RoC): A RoC is a report that provides a detailed description of how a service provider complies with the PCI DSS. AWS does not provide a RoC for its PCI DSS compliance, but instead provides a Service Provider Questionnaire (SPQ) that can be used by customers to assess their own compliance when using AWS.
Therefore, AWS Artifact is the best service to use to verify AWS's compliance with PCI DSS, as it provides access to the necessary documentation to verify that AWS is a PCI DSS Level 1 service provider.