PCI ISA EXAM QUESTIONS AND 100% CORRECT ANSWERS

  • September 18, 2024
Easton



QSAs shall retain work papers for a minimum of _______ years. It is good practice for
ISAs to do the same. - Answer 3



Under PCI DSS Requirement 1, firewall and router rule sets shall be reviewed every
_____ months. - Answer 6



At a minimum ______________ and prior to annual assessment, the assessed entity:

Identifies all locations and flows of cardholder data to validate they are in scope for the
CDE. Includes confirmation that their PCI DSS scope is accurate, and retains their scoping
documentation for use by the assessor. - Answer annually



Scope includes - Answer people, process, technology



Evidence Retention

It is recommended that the ISA retain and maintain digital and/or hard copies of case
logs, audit results and work papers, notes and any technical information which was
created and/or obtained during the PCI Data Security Assessment for at least
________ or as applicable to company data retention policies - Answer of three



A (time) ______ process for identifying and securely deleting stored cardholder data that
exceeds defined retention requirements. - Answer quarterly



Do not store SAD after ____________ (even if encrypted). (track data / cvc / pin) - Answer
authorization



Manual clear-text key-management procedures specify processes for the use of the
following - Answer Split knowledge, dual control



Dual control - No single individual can execute any key-management operation without
another person and no one has access to the authentication materials of another, such
as passwords or keys



Split knowledge - Key components are under the control of at least two persons, who
only have knowledge of their own key components



PAN is made unreadable in what ways - Hash

Mask

Encrypt

Pad



Ensure that all system components and software are protected from known
vulnerabilities by installing applicable vendor-supplied security patches. Critical
security patches are installed within _____ of release. - Answer one month



Installation of all applicable vendor-supplied security patches within an
___________________ - Answer appropriate time frame (for example, within three months)



Ensures change control has these 4 things - Answer impact

testing (PCI review)

backout

approval



Train developers at least ________ in up-to-date secure coding techniques, including
how to avoid common coding vulnerabilities, and understanding how sensitive data is
handled in memory. - Answer annually
