Beststudymaterials

What are the functions of a healthy kidney? - REGULATE, SYNTHESIS, ENDOCRINE: Regulate fluid balance, blood volume, electrolytes, acid-base balance, synthesize calcitrol (active vitamin D), secrete erythropoietin and release renin what is the glomerular filtration rate in the five stages of kidney disease? - flow rate of filtered fluid through the kidney stage 1: 90+ stage 2:60-89 stage 3: 30-59 stage 4: 15-29 stage 5: <15 what are the types and stages of kidney failure? - acute ren...

Perimeter firewalls installed ______________________________. - between all wireless networks and the CHD environment. Where should firewalls be installed? - At each Internet connection and between any DMZ and the internal network. Review of firewall and router rule sets at least every __________________. - 6 months If disk encryption is used - logical access must be managed separately and independently of native operating system authentication and access control mechanisms Manual clear-t...

How is skimming used to target PCI data? - Copying payment card numbers by tampering with POS devices, ATMs, Kiosks or copying the magnetic stripe using handheld skimmers. How is phishing used to target PCI data? - By doing reconnaissance work through social engineering and or breaking in using software vulnerabilities or e-mails. How can Payment Data be Monetized? - By skimming the card to get the full track of data, and then making another like card. Using the card information in a "Card...

Which of the below functions is associated with Acquirers? A. Provide settlement services to a merchant B. Provide authorization services to a merchant C. Provide clearing services to a merchant D. All of the options - Correct Answer: D Which of the following entities will actually approve a purchase? A. Non-Issuing Merchant Bank B. Issuing Bank C. Payment Transaction Gateway D. Acquiring Bank - Correct Answer: B Which of the following lists the correct "order" for the flow of a paym...

QSAs must retain work papers for a minimum of _______ years. It is a recommendation for ISAs to do the same. - 3 According to PCI DSS requirement 1, Firewall and router rule sets need to be reviewed every _____ months. - 6 At least ______________ and prior to the annual assessment the assessed entity: - Identifies all locations and flows of cardholder data to verify they are included in the CDE - Confirms the accuracy of their PCI DSS scope - Retains their scoping documentation for assess...

For PCI DSS requirement 1, firewall and router rule sets need to be reviewed every _____________ months - 6 months Non-console administrator access to any web-based management interfaces must be encrypted with technology such as......... - HTTPS Requirements 2.2.2 and 2.2.3 cover the use of secure services, protocols and daemons. Which of the following is considered to be secure? - SSH Which of the following is considered "Sensitive Authentication Data"? - Card Verification Value (CAV2/...

Non-console administrator access to any web-based management interfaces must be encrypted with technology such as......... - HTTPS Requirements 2.2.2 and 2.2.3 cover the use of secure services, protocols and daemons. Which of the following is considered to be secure? - SSH Which of the following is considered "Sensitive Authentication Data"? - Card Verification Value (CAV2/CVC2/CVV2/CID), Full Track Data, PIN/PIN Block True or False: It is acceptable for merchants to store Sensitive Auth...

The payment card brands are responsible for: - penalty or fee assignment for non-compliance Authorization of a transaction usually takes place: - within one day If a suspected card account number passes the Mod 10 test it means: - it is definitely a valid PAN Which of the following is true regarding network segmentation? - Network segmentation is not a PCI DSS requirement Which of the following is true related to the tracks of data on the magnetic stripe of a payment card? - Track 1 contai...

Which of the following does not belong? The following events should be included in automated audit trails for all system component: -Individual access to cardholder data -Creation and deletion of system-level objects -Invalid logical access attempts -Actions taken by user with root or administrative privileges -Changes, additions, or deletions to any account with root or administrative privileges -Audit trail access -Use of identification and authentication mechanisms -Elevation of priv...

A patient tells the nurse that he is very nervous, nauseated and that he "feels hot". This type of data would be considered: - subjective Because the physical environment in which an interview takes place is an important consideration for the success of an interview, the interviewer should: - reduce noise by turning off televisions and cell phones A nurse is taking complete health histories on all the patients attending a wellness workshop. While conducting an interview with a patient, t...