PCIP Questions and Answers Rated A+

Document Content and Description Below

PCIP Questions and Answers Rated A+ PCI DSS Requirement 1 ✔✔Install and maintain a firewall configuration to protect cardholder data PCI DSS Requirement 2 ✔✔Do not use vendor supplied defau ... lts for system passwords and other security parameters PCI DSS Requirement 3 ✔✔Protect stored cardholder data by enacting a formal data retention policy and implement secure deletion methods PCI DSS Requirement 4 ✔✔Protected Cardholder Data during transmission over the internet, wireless networks or other open access networks or systems (GSM, GPRS, etc.) PCI DSS Requirement 5 ✔✔Use and regularly update anti-virus software or programs PCI DSS Requirement 6 ✔✔Develop and maintain secure systems and applications PCI DSS Requirement 7 ✔✔Restrict access to cardholder data by business need to know PCI DSS Requirement 8 ✔✔Assign a unique ID to each person with computer access PCI DSS Requirement 9 ✔✔Restrict physical access to cardholder data PCI DSS Requirement 10 ✔✔Track and monitor all access to network resources and cardholder data PCI DSS Requirement 11 ✔✔Regularly test secuirty systems and processes with wireless scans, vulnerability scnas, log audits, ASV (Approved Scanning Vendor) PCI DSS Requirement 12 ✔✔Maintain a policy that addresses information security for all personnel ASV (Approved Scanning Vendor) ✔✔Company approved by the PCI SSC to conduct external vulnerability scanning services. PCI Data Security Standards (PCI DSS) ✔✔Covers the security of the environments that store, process or transmit account data. Environments receive account data from payment applications and other sources (e.g. acquirers) PCI Payment Application Data Security Standards (PCI PA-DSS) ✔✔Covers secure payment applications to support PCI DSS compliance. Applies to Third Party payment applications if the application performs authorization and/or settlement (POS, shopping carts, etc.) Ensures a payment application can function in a PCI DSS compliant manner PA-DSS applications are in scope for PCI DSS Payment application receives account data from PIN Entry Devices (PED) or other devices and begins payment transaction PCI PIN Transaction Security (PCI PTS) ✔✔Covers device tamper detection, cryptographic processes and other mechanisms to protect the Personal Identification Number (PIN). Encrypted PIN is passed to payment application or hardware terminal. PCI-PTS - PIN Security ✔✔Covers secure management, processing and transmission of personal identification number data during online and offline payment card transaction processing PCI-PTS - HSM (Hardware Security Module or Host Security Module) ✔✔A physically and logically protected hardware device that provides a secure set of cryptographic services, used for cryptographic key-management functions and/or the decryption of account data. Not required by DSS, but may help with the management [Show More]

Last updated: 2 years ago

Preview 1 out of 36 pages

Buy Now

Instant download

We Accept: