Which of the below functions is associated with Acquirers?
A. Provide settlement services to a merchant
B. Provide authorization services to a
... [Show More] merchant
C. Provide clearing services to a merchant
D. All of the options - Correct Answer: D
Which of the following entities will actually approve a purchase?
A. Non-Issuing Merchant Bank
B. Issuing Bank
C. Payment Transaction Gateway
D. Acquiring Bank - Correct Answer: B
Which of the following lists the correct "order" for the flow of a payment card transaction?
A. Clearing, Settlement, Authorization
B. Clearing, Authorization, Settlement
C. Authorization, Clearing, Settlement
D. Authorization, Settlement, Clearing - Correct Answer: C
Service Providers include companies which_____________or could______________the security of cardholder
data.
A. are PCI compliant, prove effective controls for
B. control, impact
C. manage, test
D. control, subrogate - Correct Answer: B
QUESTION 16
Cardholder Data may be stored in "KNOWN" and "UNKNOWN" locations.
A. True
B. False - Correct Answer: A
Storing Track Data "Long-Term" or "persistently" may be permitted if_______________.
A. it is being stored by issuers
B. it is reported to the PCI SSC annually in a RoC
C. it is encrypted by the merchant storing it
D. it is hashed by the merchant storing it - Correct Answer: A
PCI DSS Requirement 3.4 states the PAN must be rendered unreadable when stored, using___________.
A. Encryption, Truncation, or Obfuscating
B. Hashing, Scrambling, or Encrypting
C. Encryption, Hashing, or Truncation
D. Truncation, Scrambling, or Encrypting - Correct Answer: C
Requirement 2.2.2 states "Enable only necessary and secure services, protocols, daemons, etc., as required
for the function of the system". Which of the following is considered secure?
A. SSH
B. RLogon
C. Telnet
D. FTP - Correct Answer: A
When scoping an environment for a PCI DSS assessment, it is important to identify _______________.
A. All flows of cardholder data
B. All of the options
C. Components that store cardholder data
D. Business facilities involved in processing transactions - Correct Answer: B
QUESTION 21
Merchants involved with only e-commerce transactions that are completely outsourced to a PCI DSS compliant
service provider would use which SAQ?
A. SAQ C/VT
B. SAQ B
C. SAQ D
D. SAQ A - Correct Answer: D
Imprint-Only Merchants with no electronic storage of cardholder data would use which SAQ?
A. SAQ C/VT
B. SAQ B
C. SAQ A
D. SAQ D - Correct Answer: B [Show Less]