Identify all databases containing cardholder data.
For each database containing cardholder data:
i. Describe how authentication is managed (for example, via application and/or database interfaces).
ii. Describe how database and/or application configuration settings were observed to authenticate all users prior to access.