최신 PCIP3.0 무료덤프 - PCI Payment Card Industry Professional

문제1

The PCI DSS Requirement most closely associated with "Logging" is ____________

A. Requirement 8

B. Requirement 2

C. Requirement 11

D. Requirement 10

정답: D

문제2

Maintain a policy that addresses information security for all personnel is the ________

A. Requirement 11

B. Requirement 10

C. Requirement 9

D. Requirement 12

정답: D

문제3

Restrict access to cardholder data by business need-to-know

A. Requirement 8

B. Requirement 7

C. Requirement 10

D. Requirement 9

정답: B

문제4

Which statement is true regarding sensitive authentication data?

A. Sensitive data is required for recurring transactions

B. Sensitive authentication data includes PAN and service code

C. Sensitive authentication exists in the magnetic strip or chip, and is also printed on the payment card

D. Encrypt sensitive authentication data removes it from PC DSS scope

정답: C

문제5

The P2PE Standard covers:

A. Secure payment applications for processing transactions

B. Physical security requirements for manufacturing payment cards

C. Encryption, decryption, and key management requirements for point-to-point encryption solutions

D. Mechanisms used to protect the PIN and encrypted PIN blocks

정답: C

문제6

To whom is Self-Assessment Question naire (SAQ) A intended for?

A. Card-not-present Merchants, All Cardholder Data Functions Fully Outsourced

B. Merchants with Only Imprint Machines or Only Standalone, Dial-out Terminals- No Electronic
Cardholder Data Storage Merchants with Only Imprint Machines or Only Standalone, Dial-out Terminals
No Electronic Cardholder Data Storage Merchants with Only Imprint Machines or Only Standalone,
Dial-out Terminals- No Electronic Cardholder Data Storage Merchants with Only Imprint Machines or
Only Standalone, Dial-out Terminals- No Electronic Cardholder Data Storage Merchants with Only
Imprint Machines or Only Standalone, Dial-Out Terminals - No Electronic Cardholder Data Storage

C. Merchants with Payment Application Systems Connected to the Internet-No Electronic Cardholder
Data Storage Merchants with Payment Application Systems Connected to the Internet- No Electronic
Cardholder Data Storage Merchants with Payment Application Systems Connected to the Internet-No
Electronic Cardholder Data Storage Merchants with Payment Application Systems Connected to the
Internet-No Electronic Cardholder Data Storage Merchants with Payment Application Systems
Connected to the Internet - No Electronic Cardholder Data Storage

D. Merchants with Web-Based Virtual Payment Terminals-No Electronic Cardholder Data Storage

정답: A

문제7

Requirement 2.2.2 and 2.2.3 cover the use of secure services, protocols, and daemons as required for the function of a system. Which of the following is considered secure?

A. Telnet

B. FTP

C. RLogon

D. SSH

정답: D

문제8

What are best practices for implementing PCI DSS into Business-as-Usual (BAU) Processes? (Select
ALL that apply)

A. Focus on security, not on compliance

B. Building security into business-as-usual helps organizations to maintain their PCI DSS compliant environment in between PCI DSS assessments

C. Don't forget about people

D. PCI DSS is not a once-a-year activity

정답: A,B,C,D

문제9

Encrypt transmission of cardholder data across open, public networks is the ______

A. Requirement 2

B. Requirement 1

C. Requirement 4

D. Requirement 5

정답: C

최신 PCIP3.0 무료덤프 - PCI Payment Card Industry Professional

우리와 연락하기

유용한 링크

최신 업데이트