PCI ISA Exam 200 Questions
1. HTTPS - ANSWER - Encrypts non console admin access to web-based interfaces
2. SSH - ANSWER - Secure service, protocol, or daemon
3. Sensitive Authentication Data - ANSWER - Includes CVV, Full Track Data, PIN
4. PAN Masking - ANSWER - Masks digits between first six and last four
5. PAN Protection - ANSWER - Must be unreadable during transmission over networks
6. Hashing for PAN - ANSWER - Encrypts PAN using strong cryptography
7. Split Knowledge - ANSWER - Required for keys stored on production systems
8. Least Privilege - ANSWER - Granting minimal user access in CDE
9. SHA-2 - ANSWER - National Security Agency's cryptographic hash functions
10. Visitor Access - ANSWER - Visitors must be escorted in sensitive areas
11. Key Protection - ANSWER - Restrictions on key access and storage
12. Cryptographic Architecture Description - ANSWER - Details of algorithms, keys, and HSMs used
13. DESV Requirements - ANSWER - PCI DSS Compliance program implementation
14. Track 1 Data - ANSWER - Contains all fields of Track 1 and 2
15. Track 2 Data - ANSWER - Provides faster processing for dial-up transmissions
16. DESV - ANSWER - Designated Entities Supplemental Validation
17. Pre-Assessment Activities - ANSWER - Assessor's preparation for assessment
18. Authorization - ANSWER - Occurs at the time of purchase
19. Clearing - ANSWER - Usually occurs within one day
20. Settlement - ANSWER - Typically occurs within two days
21. Dual Control - ANSWER - Multiple people required for key operations
22. Key Retirement - ANSWER - When keys are weakened or compromised
23. Masking - ANSWER - Displaying data while keeping it accessible
24. Truncation - ANSWER - Irrecoverable transformation of stored data
25. Hashing - ANSWER - One-way encryption method for data security
26. Data Purging - ANSWER - Quarterly removal of unnecessary stored data
27. Shared Services - ANSWER - Common components providing services across an organization
28. NTP - ANSWER - Network Time Protocol setting system clocks
29. Storage Location Security Review - ANSWER - Confirmation of secure backup media storage annually
30. Media Inventory Logs Review - ANSWER - Verification of maintained logs and inventories annually
31. Video Camera Data Storage - ANSWER - Retention of data for access controls for at least 3 months
32. Critical File Comparisons - ANSWER - Configuration for weekly file comparisons
33. Wireless Access Points Detection - ANSWER - Processes to identify WAP presence quarterly
34. Incident Response Plan Testing - ANSWER - Annual testing of the incident response plan
35. Audit Trails Storage - ANSWER - Logs stored for immediate availability for 1 year and 3 months
36. ROC Reporting Template - ANSWER - Mandatory use for PCI DSS assessment ROCs
37. PA-DSS Validation Guarantee - ANSWER - False: PA-DSS validation does not guarantee PCI-DSS compliance
38. Track Data Storage - ANSWER - True: Track Data cannot be stored post-authorization
39. Unsupported OS PA-DSS Validation - ANSWER - False: OS unsupported by vendor cannot be PA-DSS validated
40. Clear Text PAN Storage - ANSWER - False: PAN must be rendered unreadable after authorization
41. Strong Passwords for Brute Force - ANSWER - True: Strong passwords mitigate attacks with complexity
42. Encryption Key Management - ANSWER - False: Encryption key management is mandatory