What action must a retail location take if unauthorized wireless devices are detected?

The most appropriate action when unauthorized wireless devices are detected at a retail location is to report to management. This ensures that the issue is escalated to the correct personnel who can make informed decisions about how to address the concern, taking appropriate steps to investigate and remediate the situation.

Reporting provides an opportunity for management to assess potential security risks, implement necessary changes to security policies, and ensure compliance with PCI DSS requirements. Such devices can pose significant risks, as they may be used for intercepting sensitive information, including payment card data.

In contrast, ignoring the devices would exacerbate security vulnerabilities, while immediate removal may not be wise without understanding the potential implications of doing so. Testing for their presence quarterly, although part of an ongoing strategy to maintain security, does not address the immediate need to act when unauthorized devices are found.