Payment Card Industry Professional PCIP Training 100% Solved
- How many PCI DSS Goals: 6
- How many PCI DSS requirements: 12
- Requirement 1: Build and Maintain a Secure Network and Systems
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
- Requirement 3: Protect stored cardholder data
- Requirement 4: Encrypt transmission of cardholder data across open, public networks
- Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs
- Requirement 6: Develop and maintain secure systems and applications
- Requirement 7: Restrict access to cardholder data by business need to know
- Requirement 8: Identify and authenticate access to system components
- Requirement 9: Restrict physical access to cardholder data
- Requirement 10: Track and monitor all access to network resources and cardholder data
- Requirement 11: Regularly test security systems and processes
- Requirement 12: Maintain a policy that addresses information security for all personnel
- Goal 1: Build and Maintain a Secure Network and Systems
- Goal 2: Protect Cardholder Data
- Goal 3: Maintain a Vulnerability Management Program
- Goal 4: Implement Strong Access Control Measures
- Goal 5: Regularly Monitor and Test Networks
- Goal 6: Maintain an Information Security Policy
- CHD: Cardholder Data
- SAD: Sensitive Authentication Data
- Cardholder Data: Primary Account Number (PAN); Cardholder Name; Expiration Date; Service Code
- Sensitive Authentication Data: Full track data (magnetic-stripe data or equivalent on a chip); CAV2/CVC2/CVV2/CID; PINs/PIN blocks
- PAN: Primary Account Number
- Can store Primary Account Number: Yes but render unreadable
- Can store Cardholder Name: Yes
- Can store Service Code: Yes
- Can store Expiration Date: Yes
- Can store Full Track Data: No
- Can store CAV2/CVC2/CVV2/CID4: No
- Can store PIN/PIN Block: No
- Which requirement details the requirement to Render Stored Data Unreadable: 3.4
- Which requirement details the storage of SAD: 3.2
- The cardholder data environment (CDE) is: comprised of people, processes and technologies that store, process, or transmit cardholder data or sensitive authentication data
- CDE: The cardholder data environment
- PIN: Personal Identification Number
- PED: PIN entry device
- PCI: Payment Card Industry
- PCI DSS: Payment Card Industry Data Security Standard
- POI: Point of Interaction, where data is read from card
- POS: point of sale, hardware and/or software used to process payment card transactions
- PTS: PIN Transaction Security
- QIR: Qualified Integrator or Reseller
- ROC: Report on Compliance
- ROV: Report on Validation
- SAQ: Self-Assessment Questionnaire
- SDLC: system development life cycle or software development lifecycle
- Strong Cryptography: AES (128 bits and higher); TDES/TDEA (triple-length keys); RSA (2048 bits and higher); ECC (224 bits and higher); DSA/D-H (2048/224 bits and higher)
- MO/TO: Mail-Order/Telephone-Order
- Prioritized Approach for PCI DSS: 6 milestones
Written for
- Institution: Payment Card Industry Professional PCIP
- Course: Payment Card Industry Professional PCIP
Document information
- Uploaded on: September 22, 2023
- Number of pages: 7
- Written in: 2023/2024
- Type: Exam (elaborations)
- Contains: Questions & answers