PCI ISA Exam Questions And Accurate Answers @ 2024
SAQ-A - Answer Card-not-present merchants (e-commerce or mail/telephone order) with
all cardholder data functions fully outsourced to PCI DSS validated third parties. The
merchant does not electronically store, process, or transmit CHD on its own systems.
SAQ-B - Answer Merchants using only imprint machines and/or standalone dial-out
payment terminals, with no electronic CHD storage.
SAQ-B-IP - Answer Same scope as SAQ-B, but the standalone PTS-approved terminals
connect to the payment processor over an IP network instead of dial-out.
SAQ-C - Answer Merchants with payment application systems connected to the Internet
but no electronic CHD storage. Not available to e-commerce merchants.
SAQ-C-VT - Answer Merchants who manually key one transaction at a time into a virtual
terminal provided by a PCI DSS validated third party, with no electronic CHD storage.
Not available to e-commerce merchants.
SAQ-A-EP - Answer Same outsourcing model as SAQ-A, but the merchant's website can
affect the security of the payment transaction (for example, it redirects the customer
to, or embeds elements of, the third party's payment page).
SAQ-D - Answer Used by merchants not eligible for any other SAQ. Service providers
eligible to complete an SAQ must always use SAQ-D for Service Providers.
Where are firewalls required - Answer Between any untrusted network (including the
Internet) and the cardholder data environment, between the DMZ and the internal
network, and between wireless networks and the CDE.
How often must firewall rules be reviewed - Answer At least every 6 months, and
after any significant change to the environment.
Non-console admin access must be ______ - Answer encrypted with strong cryptography
(for example SSH, VPN, or TLS; never telnet or cleartext HTTP)
How long may CHD be retained? - Answer Only as long as required by the merchant's
documented retention policy, which is based on business, regulatory, and legal
requirements.
CHD that has exceeded its defined retention period must be deleted based on a ________
process - Answer quarterly (a process run at least quarterly that identifies and
securely deletes stored CHD older than the retention period)
When is it OK to store sensitive authentication data (SAD)? - Answer Only temporarily,
prior to authorization; it must be securely deleted once authorization completes.
Issuers (and companies supporting issuing services) may store SAD with a documented
business justification.
Sensitive Authentication Data - Answer Full track data (magnetic stripe or chip
equivalent), including Track 1 and Track 2; the card verification code
(CAV2/CVC2/CVV2/CID); and PINs/PIN blocks.
When masking a card number what can be shown - Answer At most the first 6 and last 4
digits; every other digit is masked on displays and printouts unless there is a
legitimate business need to see the full PAN.
Acceptable methods for making PAN unreadable - Answer One-way hash of the entire PAN
using strong cryptography, truncation, index tokens and pads (tokenization), and
strong cryptography with associated key-management processes.
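The masking and "unreadable PAN" answers above, as an added worked example (this is not code from the original notes or from the PCI SSC). It assumes a constructed Luhn-valid test PAN and a hypothetical placeholder HMAC key; in practice the key lives in an HSM or key vault. The example also goes one step beyond the notes: it shows why a truncated PAN and an unkeyed hash of the same PAN must never be stored side by side, and why PCI DSS v4.0 (requirement 3.5.1.1) requires the hash to be keyed.

```python
"""Added example (not from the original notes): PCI DSS-style PAN handling.

SAMPLE_PAN is a constructed test number and DEMO_KEY is a hypothetical
placeholder; in production the HMAC key is held in an HSM or key vault.
"""
import hashlib
import hmac
from typing import Optional

SAMPLE_PAN = "4111111111111111"          # constructed Luhn-valid test PAN
DEMO_KEY = b"hypothetical-key-from-hsm"  # placeholder, never hard-code a real key


def luhn_valid(pan: str) -> bool:
    """Luhn check-digit validation, used to reject malformed input."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def _check(pan: str) -> None:
    """Reject anything that is not a 13-19 digit, Luhn-valid PAN."""
    if not pan.isdigit() or not 13 <= len(pan) <= 19 or not luhn_valid(pan):
        raise ValueError("not a well-formed PAN")


def mask_pan(pan: str) -> str:
    """Display masking (PCI DSS 3.3): at most first 6 and last 4 digits visible."""
    _check(pan)
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def truncate_pan(pan: str) -> str:
    """Storage truncation (PCI DSS 3.4): the middle digits are discarded, not
    hidden, so the stored value is 'first 6 + last 4' and nothing else."""
    _check(pan)
    return pan[:6] + pan[-4:]


def hash_pan(pan: str, key: bytes = DEMO_KEY) -> str:
    """Keyed one-way hash (HMAC-SHA256) of the entire PAN. PCI DSS v4.0 req 3.5.1.1
    requires PAN hashes to be keyed: an unkeyed SHA-256 over the small, BIN-
    constrained, Luhn-filtered PAN space is cheap to brute force."""
    _check(pan)
    return hmac.new(key, pan.encode("ascii"), hashlib.sha256).hexdigest()


def unkeyed_hash(pan: str) -> str:
    """Plain SHA-256 of the PAN, shown only to demonstrate the weakness."""
    return hashlib.sha256(pan.encode("ascii")).hexdigest()


def recover_pan_from_truncation(truncated: str, pan_length: int,
                                digest: str) -> Optional[str]:
    """Why a truncated PAN and an unkeyed hash of the same PAN must not coexist:
    with first 6 and last 4 known, only pan_length-10 middle digits are unknown,
    and the Luhn check prunes 90% of those candidates before hashing."""
    first6, last4 = truncated[:6], truncated[6:]
    middle_len = pan_length - 10
    for n in range(10 ** middle_len):
        candidate = f"{first6}{n:0{middle_len}d}{last4}"
        if luhn_valid(candidate) and unkeyed_hash(candidate) == digest:
            return candidate
    return None


if __name__ == "__main__":
    print(mask_pan(SAMPLE_PAN))       # 411111******1111
    print(truncate_pan(SAMPLE_PAN))   # 4111111111
    print(hash_pan(SAMPLE_PAN))
    # Recovers the full PAN from truncation + unkeyed hash in well under a second
    print(recover_pan_from_truncation(truncate_pan(SAMPLE_PAN), 16,
                                      unkeyed_hash(SAMPLE_PAN)))
```

The brute-force helper enumerates at most one million candidates for a 16-digit PAN, which is why the PCI DSS note on requirement 3.4 demands additional controls wherever hashed and truncated versions of the same PAN are both present; with a keyed hash the attacker needs the key as well.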
Secret/Private keys must be protected by which method(s) - Answer One or more of the
following: 1) encrypted with a key-encrypting key at least as strong as the
data-encrypting key and stored separately from it; 2) stored within a secure
cryptographic device such as a Hardware Security Module (HSM) or PTS-approved
point-of-interaction device; 3) held as at least two full-length key components or
key shares (split knowledge).
Split Knowledge - Answer Two or more people separately hold key components, and no
individual's component conveys any knowledge of the resulting cryptographic key; the
full key exists only when all components are combined.
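The split-knowledge answer above, as an added worked example (not code from the original notes or from any PCI SSC document). It assumes two or more custodians each hold one full-length random component, that the key is the XOR of all components, and that combination happens only inside the key-loading device; the check-value function is a hypothetical truncated SHA-256 stand-in, not the AES key check value used by real POI/HSM key loading.

```python
"""Added example (not from the original notes): split knowledge for a
data-encrypting key. Each custodian holds one full-length random component;
the key is the XOR of all components. check_value() is a hypothetical
stand-in for the banking-standard AES key check value.
"""
import hashlib
import secrets
from typing import List, Sequence

KEY_LEN = 32  # AES-256 key size in bytes


def make_components(n_custodians: int = 2, key_len: int = KEY_LEN) -> List[bytes]:
    """Generate one full-length, independently random component per custodian."""
    if n_custodians < 2:
        raise ValueError("split knowledge needs at least two custodians")
    return [secrets.token_bytes(key_len) for _ in range(n_custodians)]


def combine(components: Sequence[bytes]) -> bytes:
    """XOR all components into the key. Order does not matter, and the key is
    only defined when every component is present (dual control)."""
    if len(components) < 2:
        raise ValueError("all components are required to form the key")
    key_len = len(components[0])
    if any(len(c) != key_len for c in components):
        raise ValueError("components must all be full-length")
    key = bytes(key_len)
    for c in components:
        key = bytes(a ^ b for a, b in zip(key, c))
    return key


def complement(known: Sequence[bytes], target: bytes) -> bytes:
    """Why n-1 components reveal nothing: for ANY target key there is a final
    component that makes the known ones combine to it, so the holders of the
    known components cannot tell one possible key from another."""
    partial = combine(known) if len(known) > 1 else known[0]
    if len(partial) != len(target):
        raise ValueError("target must be full-length")
    return bytes(a ^ b for a, b in zip(partial, target))


def check_value(key: bytes) -> str:
    """Short check value so custodians can confirm the same key was formed
    without exposing it (hypothetical truncated SHA-256, not an AES KCV)."""
    return hashlib.sha256(key).hexdigest()[:6]


if __name__ == "__main__":
    c1, c2 = make_components(2)
    dek = combine([c1, c2])
    print("custodian 1 component:", c1.hex())
    print("custodian 2 component:", c2.hex())
    print("key check value:      ", check_value(dek))
    # Custodian 1 alone is consistent with every possible key:
    any_key = bytes(range(KEY_LEN))
    print("a component that pairs c1 with an arbitrary key:",
          complement([c1], any_key).hex())
```

Because each component is uniformly random on its own, the XOR construction is information-theoretically hiding: possession of fewer than all components leaves every candidate key equally likely, which is exactly the property PCI DSS means by "no knowledge of the resultant key".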
Name at least 3 open public networks - Answer The Internet, wireless networks (802.11
Wi-Fi and Bluetooth), cellular networks (GSM, CDMA), and satellite networks.
WEP (Wired Equivalent Privacy) - Answer The original 802.11 encryption scheme. Very weak; deprecated by IEEE in 2004. Use