PCI Fundamentals questions and answers 2022/2023 (All)
The payment card brands are responsible for:
penalty or fee assignment for non-compliance

Authorization of a transaction usually takes place:
within one day

If a suspected card account number passes the Mod 10 test it means:
it is definitely a valid PAN

Which of the following is true regarding network segmentation?
Network segmentation is not a PCI DSS requirement

Which of the following is true related to the tracks of data on the magnetic stripe of a payment card?
Track 1 contains all the fields of both track 1 and track 2

How often should the firewall and router rule sets be reviewed?
Every six months

Which of the following statements is true concerning transaction volumes for merchants?
Transaction volume is determined by each acquirer

Storing full track data after authorization is permitted under the following circumstances:
NEVER

In order to reduce PCI DSS scope, adequate network segmentation should:
isolate systems that store, process, or transmit cardholder data from those that do not

Systems that commonly store track data:
POS systems

Which of the following is true, regarding an entity sharing cardholder data with a service provider?
The entity must have an established process for engaging service providers, including proper due diligence prior to engagement.

When must critical new security patches be installed?
Within one month of release

Which of the following statements is true?
PA-DSS compliant payment applications are in scope for a merchant's PCI DSS assessment

In accordance with PCI DSS Requirement 1, firewalls are required:
between the cardholder environment and other internal networks

Which party is responsible for merchant compliance validation and merchant communications?
Acquirer

The Mod 10 formula doubles the value of alternate digits of the primary account number beginning with which digit?
Second from the left

Strong access control lists include the following:
Do not allow "risky" protocols such as FTP or Telnet.

Which of the following is true?
A PA-DSS application installed by a QIR must still be reviewed during the PCI DSS assessment.

PCI SSC Community Meetings:
provide opportunity for PCI stakeholders to provide suggestions for changes and improvements.

Which of the following is true regarding Track data:
Track 1 contains all Track 2 data and additional fields for use by the card issuer

Which of the following statements is true?
All systems on a "flat network" are in scope for the PCI DSS assessment.

Assessors must always use DSS requirements have been met.
independent judgment
Uploaded on: Oct 13, 2022