PCI Practice Test 2 Exam Question &
Answers ( latest Grade A+)
Which of the below functions is associated with acquirers?
- Provide clearing services to a merchant
- Provide authorization services to the merchant
- All of the options
- Provide settlement services to the merchant - CORRECT
ANSWERS ✔✔All of the options
If virtualization technologies are used in cardholder data
environment?
- Virtualization technologies are not to be used in the
cardholder data environment
- The virtualization technologies are not in scope for PCI-
DSS
- Entities using virtualization technologies should be
complete SAQ C
- The virtualization technologies are included in scope for
PCI DSS - CORRECT ANSWERS ✔✔The virtualization
technologies are included in scope for PCI DSS
Access to view audit trails should be granted _____.
- only to individuals with a job-related need
- So that no personnel can view the logs
- To all system operators
,PCI Practice Test 2 Exam Question &
Answers ( latest Grade A+)
- To all personnel - CORRECT ANSWERS ✔✔only to
individuals with a job-related need
Audit logs must be immediately available for analysis for
a period of ____ and must be retained for a period of
_____.
- 3 months and 1 year
- 6 months and 1 year
- 2 months and 2 years
- 2 months and 1 year - CORRECT ANSWERS ✔✔3
months and 1 year
Which of the following is true regarding protection of
PAN?
- PAN must be rendered unreadable during transmission
over public , wireless networks
- There are no PCI-DSS requirements for rendering PAN
unreadable
- PAN must be rendered unreadable during transmission
over private, secure network
- PAN must be rendered unreadable when present in
volatile memory during a transaction - CORRECT
ANSWERS ✔✔PAN must be rendered unreadable
during transmission over public , wireless networks
, PCI Practice Test 2 Exam Question &
Answers ( latest Grade A+)
One of the principles to be used when granting user
access to systems in the CDE is:
- Default allow all
- Equal privilege
- Least privilege
- Most privilege - CORRECT ANSWERS ✔✔Least
privilege
Storing track data "long term" or "persistently" is
permitted when_______.
- It is hashed by the merchants storing it.
- It is reported to the PCI SSC annually in a ROC
- It is encrypted by the merchant storing it.
- It is being stored by the issuers - CORRECT ANSWERS
✔✔It is being stored by the issuers
The decision about a merchant's level is made by the:
- Merchant's QSA
- Payment Brands
- Merchant
Answers ( latest Grade A+)
Which of the below functions is associated with acquirers?
- Provide clearing services to a merchant
- Provide authorization services to the merchant
- All of the options
- Provide settlement services to the merchant - CORRECT
ANSWERS ✔✔All of the options
If virtualization technologies are used in cardholder data
environment?
- Virtualization technologies are not to be used in the
cardholder data environment
- The virtualization technologies are not in scope for PCI-
DSS
- Entities using virtualization technologies should be
complete SAQ C
- The virtualization technologies are included in scope for
PCI DSS - CORRECT ANSWERS ✔✔The virtualization
technologies are included in scope for PCI DSS
Access to view audit trails should be granted _____.
- only to individuals with a job-related need
- So that no personnel can view the logs
- To all system operators
,PCI Practice Test 2 Exam Question &
Answers ( latest Grade A+)
- To all personnel - CORRECT ANSWERS ✔✔only to
individuals with a job-related need
Audit logs must be immediately available for analysis for
a period of ____ and must be retained for a period of
_____.
- 3 months and 1 year
- 6 months and 1 year
- 2 months and 2 years
- 2 months and 1 year - CORRECT ANSWERS ✔✔3
months and 1 year
Which of the following is true regarding protection of
PAN?
- PAN must be rendered unreadable during transmission
over public , wireless networks
- There are no PCI-DSS requirements for rendering PAN
unreadable
- PAN must be rendered unreadable during transmission
over private, secure network
- PAN must be rendered unreadable when present in
volatile memory during a transaction - CORRECT
ANSWERS ✔✔PAN must be rendered unreadable
during transmission over public , wireless networks
, PCI Practice Test 2 Exam Question &
Answers ( latest Grade A+)
One of the principles to be used when granting user
access to systems in the CDE is:
- Default allow all
- Equal privilege
- Least privilege
- Most privilege - CORRECT ANSWERS ✔✔Least
privilege
Storing track data "long term" or "persistently" is
permitted when_______.
- It is hashed by the merchants storing it.
- It is reported to the PCI SSC annually in a ROC
- It is encrypted by the merchant storing it.
- It is being stored by the issuers - CORRECT ANSWERS
✔✔It is being stored by the issuers
The decision about a merchant's level is made by the:
- Merchant's QSA
- Payment Brands
- Merchant
