100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
PCI - DSS EXAM (284) QUESTIONS WITH CORRECT ANSWERS $10.99   Add to cart
Quickly navigate to
Preview
  2.  
  3. PCI - DSS
  4.  
  5. PCI - DSS

Exam (elaborations)

PCI - DSS EXAM (284) QUESTIONS WITH CORRECT ANSWERS

 7 views  0 purchase
  • Course
  • PCI - DSS
  • Institution
  • PCI - DSS

PCI - DSS EXAM (284) QUESTIONS WITH CORRECT ANSWERS ...

Preview 4 out of 59  pages

Document information

  • August 21, 2024
  • 59
  • 2024/2025
  • Exam (elaborations)
  • Unknown

Subjects

Written for

  • PCI - DSS
  • PCI - DSS

Seller

avatar-seller
Humat

Content preview

PCI - DSS EXAM (284) QUESTIONS WITH
CORRECT ANSWERS 2024-2025

-Customer buying items through a "Card Present" or "Card Not Present"
transaction

-Receives the payment card and bills from the issuer, ANSWER Cardholder


-Primary Account Number (PAN).

-Cardholder's Name

-The expiration date

-Service Code - Answer Cardholder Data Contains:


-Complete track data (Magnetic-stripe data or equivalent on a chip).

-CAV2/CVC2/CVV2/CID

-PINs/PIN blocks- ANSWER Sensitive Authentication Data includes:


American Express

Discover

JCB International

MasterCard

Visa - ANSWER Payment Brand


-A bank or other company providing a payment card on behalf of a payment brand
(e.g., MasterCard, Visa).

,-Payment Brand directly issues a payment card (e.g., Amex, Discover, JCB) -
ANSWER Issuer


ANSWER Merchant is an organization that accepts payment cards for purchases.



*Payment card transactions are processed by the merchant's bank or company.

*Receive permission request from merchant and forward it to Issuer for approval.

*Offer authorization, clearing, and settlement services to retailers

*Acquirer is also known

-- Merchant Bank.

--ISO

--Payment Brand: Amex, Discover, and JCB

--Acquirer: Never used Visa or MasterCard.



*The acquirer is responsible for merchant compliance.

--Understand payment brand compliance programs and how they apply to
merchants.

--Ensure that their merchants understand PCI DSS compliance rules and monitor
compliance activities.

--Manage merchant communications.



*Work with merchants until compliance is certified.

,--Merchants are not compliant until all relevant standards are met and validated.

--The acquirer is responsible for reporting merchant compliance status to payment
brands.



*Assume any liability that may result from non-compliance with payment brand
compliance policies (ANSWER Common Acquirer Responsibilities).



*A service provider is a non-payment brand that directly processes, stores, or
transmits cardholder data on behalf of another organization.

-Occasionally, a service provider is a merchant.



*Service Providers also include firms that provide services (to merchants, service
providers, or other entities), who control or potentially impact the security of
cardholder data.



1. Install and maintain a firewall setup to secure cardholder data.



2. Avoid using vendor-supplied defaults for system passwords and other security
parameters (ANSWER Standard 1: Build and Maintain a Secure Network and
Systems).



3. Safeguard stored cardholder data.

, 4. Encrypt cardholder data transmission over open, public networks (ANSWER
Standard 2: Protect Cardholder Data).



5. Ensure that all computers are protected against malware and that anti-virus
software or programs are constantly updated.



6. Develop and maintain secure systems and applications. ANSWER Standard 3:
Maintain a vulnerability management program.



7. Limit access to cardholder data to businesses that need to know.



8. Determine and authenticate access to system components.



9. Limit physical access to cardholder data - ANSWER Standard 4: Use Strong
Access Control Measures



10. Monitor all access to network resources and cardholder data.



11. Test security systems and processes on a regular basis - ANSWER Standard 5:
Monitoring and Testing Networks



12. Maintain an information security policy for all people (ANSWER Standard 6).

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Humat. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $10.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

77858 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$10.99
  • (0)
  Add to cart