PCI ISA Exam 200 Questions Correctly Answered
HTTPS - Answer Encrypts non-console administrative access to web-based interfaces
SSH - Answer Secure service, protocol, or daemon
Sensitive Authentication Data - Answer Includes CVV, Full Track Data, PIN
PAN Masking - Answer Masking digits between the first six and the last four
PAN Protection - Answer Must not be readable during transmission across the network
Hashing for PAN - Answer Encrypts PAN using strong-cryptography algorithms
Split Knowledge - Answer Is a must for keys stored in production systems
Least Privilege - Answer Providing minimum access to users in CDE
SHA-2 - Answer Hash functions of National Security Agency
Visitor Access - Answer Visitors shall be escorted at all times in sensitive areas.
Key Protection - Answer Limitations on key access and storage
Cryptographic Architecture Description - Answer Description of algorithms, keys, and HSMs in use
DESV Requirements - Answer Implementation of a Compliance program of PCI DSS
Track 1 Data - Answer Contains all the fields of Track 1 and 2
Track 2 Data - Answer Provides for faster speeds for dial-up transmissions, as well as
DESV - Answer Designated Entities Supplemental Validation
Pre-Assessment Activities - Answer Plan and prepare for the assessment in advance by the assessor
Authorization - Answer When authorization is at the time of purchase
Clearing - Answer Takes typically one day
Settlement - Answer Two days typically
Dual Control - Answer Requires more than one individual to perform necessary functions
Key Retirement - Answer Keys too weak or keys that have been compromised
Masking - Data is made available but unreadable
Truncation - Data stored is irrecoverably transformed
Hashing - One-way encryption of data to render them useless