AQSA Certification Exam all answers correct ; latest spring 2024
14 views 0 purchase
Course
AQSA
Institution
AQSA
PCI SSC - correct answer is an independent industry standards body providing
oversights of the development and management of Payment Card Industry Data
Security Standards on a global basis.
What are the founding payment brands? - correct answer American express,
Discover, JCB, Mastercard, and V...
AQSA Certification
PCI SSC - correct answer is an independent industry standards body providing
oversights of the development and management of Payment Card Industry Data
Security Standards on a global basis.
What are the founding payment brands? - correct answer American express,
Discover, JCB, Mastercard, and VISA
What define the merchant levels? - correct answer defined by the payment
brands, based on transaction volume. Transaction volume determined by the
acquirer)
What define the service provider levels? - correct answer Defined by the payment
brands according to transaction volume and/or type of service provider.
Determined by the payment brans or acquirer, or sometimes the service provider.
SAQ-A - correct answer Card-not-present merchants (e-commerce or
mail/telephone-order) that have fully outsourced all cardholder data functions to
PCI DSS validated third-part service providers, with no electronic storage,
processing, or transmission of any cardholder data on the merchant's systems or
premises.
SAQ A-EP - correct answer E-commerce merchants who outsource all payment
processing to PCI DSS validated third parties, and who have a website(s) that
doesn't directly receive cardholder data but that can impact the security of the
payment transaction. No electronic storage, processing, or transmission of any
cardholder data on the merchant's systems or premises.
SAQ-B - correct answer Merchants using only:
- Imprint machines with no electronic cardholder data storage; and/or
- Standalone, dial-out terminals with no electronic cardholder data storage.
SAQ-B-IP - correct answer Merchants using only stand-alone, PTS-approved
payment terminals with an IP connection to the payment processor, with no
electronic cardholder data storage.
Not applicable to e-commerce channels.
SAQ C-VT - correct answer is for merchants using only web-based virtual payment
terminals, where cardholder data is manually entered into a secure website from
a single system.
SAQ-C - correct answer is for merchants with dedicated payment application
systems segmented from all other systems, and connected to the Internet for the
purposes of transaction processing. SAQ C is not applicable to e-commerce
payment channels. A merchant only accepts payments via the telephone and they
enter the cardholder data directly into a webpage provided by their acquirer.
1
, AQSA Certification
PCI DSS - correct answer covers security of the environments that store, process,
or transmit account data. The scope of PCI DSS covers environments receiving
account data from payment applications and other sources—acquirers, for
example.
PCI PA-DSS - correct answer covers secure payment applications to support PCI
DSS compliance. The scope of PA-DSS addresses when a payment application
receives account data from cardholder-interface devices such as point-of sale-
terminals or other devices and begins the payment transaction.
PCI P2PE (Point-to-Point Encryption) - correct answer covers secure encryption,
decryption, and key management for point-to-point encryption solutions.
Requirements for a P2PE solution will vary depending on the deployment
environment and the technologies used for a specific implementation.
PCI PTS (PIN Transaction Security) POI - correct answer covers device tamper
detection, cryptographic processes, and other mechanisms used to protect the
PIN and other sensitive data, such as cryptographic keys. The PTS set of
requirements addresses how cardholder PINs are protected at cardholder-
interface devices such as point-of-sale terminals, as well as hardware security
modules that are used for payment processing and cardholder authentication
applications and processes.
PCI PIN Security - correct answer covers secure management, processing, and
transmission of personal identification number (PIN) data during online and
offline payment card transaction processing.
PCI PTS HSM standard - correct answer covers the design of hardware security
modules and for securely protecting those devices until they are deployed.
Card Production standards - correct answer establish minimum security levels for
card vendors involved in payment card manufacturing, card personalization, pre-
personalization, chip embedding, data preparation , and fulfillment.
Discover Compliance Program is called ______________. - correct answer
Information Security Compliance
JCB Compliance Program is called ______________. - correct answer Data
Security Program
MasterCard Compliance Program is called ______________. - correct answer Site
Data Protection
Visa Inc. Compliance Program is called ______________. - correct answer
Information Security Program
Visa Europe Compliance Program is called ______________. - correct answer
Account Information Security Program.
2
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller VISA. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.99. You're not tied to anything after your purchase.
