PCI ISA bundled exams with practice questions correctly answered

Which of the following is true regarding network segmentation? Network Segmentation is not a PCI DSS requirement When must critical security patches be installed Within 1 month 00:02 01:33 Which statement is true for a merchant using a validated P2PE solution? The merchant i...

SAQ-A e-commerce or telephone order merchants; processing fully outsourced to validated 3rd party. No processing, transmitting, storing done by merchant SAQ-B merchants with imprint machines and/or merchant with only standalone dial-out terminals 00:14 01:33 SAQ-B-IP Same as...

For PCI DSS requirement 1, firewall and router rule sets need to be reviewed every _____________ months 6 months Non-console administrator access to any web-based management interfaces must be encrypted with technology such as......... HTTPS 00:08 01:33 Requirements 2.2.2 and...

Requirement 4 Encrypt transmission of cardholder data across open, public networks Strong cryptography and Security Protocols are to include the following Only trusted keys and certificates are accepted, protocol in use only supports secure versions or configurations, and encryption strengt...

A Sustainable Compliance Program must: Be implemented into Business-as-usual (BAU) activities as part of the organizations overall security strategy. True or False: The driving objective behind all PCI DSS compliance activities is to attain a compliant report. False ongoing security of card...

The payment card brands are responsible for: penalty or fee assignment for non-compliance Authorization of a transaction usually takes place: within one day If a suspected card account number passes the Mod 10 test it means: it is definitely a valid PAN Which of the following...