PCIP Questions and Answers Rated A+

  • October 18, 2023
PCI DSS Requirement 1 ✔✔Install and maintain a firewall configuration to protect cardholder data




PCI DSS Requirement 2 ✔✔Do not use vendor supplied defaults for system passwords and other security parameters




PCI DSS Requirement 3 ✔✔Protect stored cardholder data by enacting a formal data retention policy and implement secure deletion methods




PCI DSS Requirement 4 ✔✔Protect cardholder data during transmission over the internet, wireless networks or other open access networks or systems (GSM, GPRS, etc.)




PCI DSS Requirement 5 ✔✔Use and regularly update anti-virus software or programs




PCI DSS Requirement 6 ✔✔Develop and maintain secure systems and applications




PCI DSS Requirement 7 ✔✔Restrict access to cardholder data by business need to know

PCI DSS Requirement 8 ✔✔Assign a unique ID to each person with computer access




PCI DSS Requirement 9 ✔✔Restrict physical access to cardholder data




PCI DSS Requirement 10 ✔✔Track and monitor all access to network resources and cardholder data




PCI DSS Requirement 11 ✔✔Regularly test security systems and processes with wireless scans, vulnerability scans, log audits, ASV (Approved Scanning Vendor)




PCI DSS Requirement 12 ✔✔Maintain a policy that addresses information security for all personnel




ASV (Approved Scanning Vendor) ✔✔Company approved by the PCI SSC to conduct external vulnerability scanning services.




PCI Data Security Standards (PCI DSS) ✔✔Covers the security of the environments that store, process or transmit account data.

Environments receive account data from payment applications and other sources (e.g. acquirers)




PCI Payment Application Data Security Standards (PCI PA-DSS) ✔✔Covers secure payment applications to support PCI DSS compliance.

Applies to Third Party payment applications if the application performs authorization and/or settlement (POS, shopping carts, etc.)

Ensures a payment application can function in a PCI DSS compliant manner

PA-DSS applications are in scope for PCI DSS

Payment application receives account data from PIN Entry Devices (PED) or other devices and begins payment transaction




PCI PIN Transaction Security (PCI PTS) ✔✔Covers device tamper detection, cryptographic processes and other mechanisms to protect the Personal Identification Number (PIN).




Encrypted PIN is passed to payment application or hardware terminal.

PCI-PTS - PIN Security ✔✔Covers secure management, processing and transmission of personal identification number data during online and offline payment card transaction processing




PCI-PTS - HSM (Hardware Security Module or Host Security Module) ✔✔A physically and logically protected hardware device that provides a secure set of cryptographic services, used for cryptographic key-management functions and/or the decryption of account data. Not required by DSS, but may help with the management of keys.




PCI Point to Point Encryption (PCI P2PE) ✔✔Covers encryption, decryption and key management within secure cryptographic devices (SCD). Not a requirement but may result in reduction of scope.




Secure Cryptographic Device (SCD) ✔✔A set of hardware, software and firmware that implements cryptographic processes (including cryptographic algorithms and key generation) and is contained within a defined cryptographic boundary. Examples of secure cryptographic devices include host/hardware security modules (HSMs) and point-of-interaction devices (POIs) that have been validated to PCI PTS.




POI - Point of Interaction ✔✔The initial point where data is read from a card. An electronic transaction-acceptance product, a POI consists of hardware and software and is hosted in

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller SonnieG. Stuvia facilitates payment to the seller.
