PCI Fundamentals Questions and Answers
The payment card brands are responsible for: - answer penalty or fee assignment for
non-compliance
Authorization of a transaction usually takes place: - answer within one day
If a suspected card account number passes the Mod 10 test it means: - answer it is
definitely a valid PAN
Which of the following is true regarding network segmentation? - answer Network
segmentation is not a PCI DSS requirement
Which of the following is true related to the tracks of data on the magnetic stripe of a
payment card? - answer Track 1 contains all the fields of both track 1 and track 2
How often should the firewall and router rule sets be reviewed? - answer Every six
months
Which of the following statements is true concerning transaction volumes for
merchants? - answer Transaction volume is determined by each acquirer
Storing full track data after authorization is permitted under the following circumstances:
- answer NEVER
In order to reduce PCI DSS scope, adequate network segmentation should: - answer
isolate systems that store, process, or transmit cardholder data from those that do not
Systems that commonly store track data: - answer POS systems
Which of the following is true, regarding an entity sharing cardholder data with a service
provider? - answer The entity must have an established process for engaging
service providers, including proper due diligence prior to engagement.
When must critical new security patches be installed? - answer Within one month of
release
Which of the following statements is true? - answer PA-DSS compliant payment
applications are in scope for a merchant's PCI DSS assessment
In accordance with PCI DSS Requirement 1, firewalls are required: - answer
between the cardholder environment and other internal networks
Which party is responsible for merchant compliance validation and merchant
communications? - answer Acquirer
The Mod 10 formula doubles the value of alternate digits of the primary account number
beginning with which digit? - answer Second from the left
Strong access control lists include the following: - answer Do not allow "risky"
protocols such as FTP or Telnet.
Which of the following is true? - answer A PA-DSS application installed by a QIR
must still be reviewed during the PCI DSS assessment.
PCI SSC Community Meetings: - answer provide opportunity for PCI stakeholders to
provide suggestions for changes and improvements.
Which of the following is true regarding Track data: - answer Track 1 contains all
Track 2 data and additional fields for use by the card issuer
Which of the following statements is true? - answer All systems on a "flat network"
are in scope for the PCI DSS assessment.
Assessors must always use DSS requirements have been met. - answer
independent judgment
If a merchant is using a validated P2PE solution: - answer the merchant is
responsible for ensuring their own PCI DSS compliance
If an assessor wishes to use sampling during a PCI DSS assessment of a merchant
environment, the assessor must ensure: - answer the sample selection is
representative of all types of system components in the environment.
Which of the following merchant environments could be eligible for SAQ B? - answer
Merchant with standalone dial-out terminals, and no electronic cardholder data storage
A service provider with no electronic cardholder data storage may be eligible to
complete: - answer SAQ D
It is permissible to store track data only if: - answer An issuer has a business reason
Typically, these accounts have elevated or increased privileges with more rights than a
standard user account: - answer Privileged User