TEST 2026 COMPLETE QUESTIONS AND
SOLUTIONS 100% CORRECT
◉ Where should firewalls be installed? Answer: At each Internet
connection and between any DMZ and the internal network.
◉ Review of firewall and router rule sets at least every
__________________. Answer: 6 months
◉ If disk encryption is used. Answer: logical access must be managed
separately and independently of native operating system authentication
and access control mechanisms
◉ Manual clear-text key-management procedures specify processes for
the use of the following: Answer: Split knowledge AND Dual control of
keys
◉ What is considered "Sensitive Authentication Data"? Answer: Card
verification value
◉ When a PAN is displayed to an employee who does NOT need to see
the full PAN, the minimum digits to be masked are: All digits between
the ___________ and the __________. Answer: first 6; last 4
◉ Regarding protection of PAN. Answer: PAN must be rendered
unreadable during the transmission over public and wireless networks.
◉ Under requirement 3.4, what method must be used to render the PAN
unreadable? Answer: Hashing the entire PAN using strong cryptography
◉ Weak security controls that should NOT be used. Answer: WEP, SSL,
and TLS 1.0 or earlier
◉ Per requirement 5, anti-virus technology must be
deployed _________________. Answer: on all system components
commonly affected by malicious software.
◉ Key functions for an anti-virus program per Requirement 5: Answer: 1)
Detect
2) Remove
3) Protect
◉ Anti-virus solutions may be temporarily disabled only if. Answer:
there is legitimate technical need, as authorized by management on a
case-by-case basis