PCIP ACTUAL EXAM 200 QUESTIONS AND
CORRECT ANSWERS 2023-2024 UPDATE
ALREADY GRADED A+ WITH EXPERT
FEEDBACK
If virtualization technologies are used in a cardholder data environment, PCI DSS
requirements apply to those
virtualization technologies.
A. False
B. True - ANSWER- Correct Answer: B
The presumption of P2PE is that cardholder data in transit is protected when it is
encrypted to the extent that
an entity in possession of the ciphertext alone can easily reverse the encryption process
A. False
B. True - ANSWER- Correct Answer: A
Encrypting account data at the point of capture is one way an entity involved in payment
card processing via
mobile devices can actively help in controlling risks to the security of cardholder data.
A. True
B. False - ANSWER- Correct Answer: A
In order to be considered a compensating control, which of the following must exist?
A. A legitimate technical constraint and a documented business constraint.
B. A legitimate technical constraint.
C. A legitimate technical constraint of a documented business constraint.
D. A documented business constraint. - ANSWER- Correct Answer: C
PCI DSS Requirement 1
A. Install and maintain a firewall configuration to protect cardholder data
B. Do not use vendor supplied defaults for system passwords and other security
parameters
C. Protect stored cardholder data by enacting a formal data retention policy and
implement secure deletion
methods
D. Protected Cardholder Data during transmission over the internet, wireless networks
or other open access
networks or systems (GSM, GPRS, etc.) - ANSWER- Correct Answer: A
PCI DSS Requirement 2
A. Install and maintain a firewall configuration to protect cardholder data
B. Do not use vendor supplied defaults for system passwords and other security
parameters
C. Protect stored cardholder data by enacting a formal data retention policy and
implement secure deletion
methods
D. Protected Cardholder Data during transmission over the internet, wireless networks
or other open access
networks or systems (GSM, GPRS, etc.) - ANSWER- Correct Answer: B
PCI DSS Requirement 3
A. Install and maintain a firewall configuration to protect cardholder data
B. Do not use vendor supplied defaults for system passwords and other security
parameters
C. Protect stored cardholder data by enacting a formal data retention policy and
implement secure deletion
methods
D. Protected Cardholder Data during transmission over the internet, wireless networks
or other open access
networks or systems (GSM, GPRS, etc.) - ANSWER- Correct Answer: C
PCI DSS Requirement 4
A. Install and maintain a firewall configuration to protect cardholder data
B. Protect stored cardholder data by enacting a formal data retention policy and
implement secure deletion
methods
C. Protected Cardholder Data during transmission over the internet, wireless networks
or other open access
networks or systems (GSM, GPRS, etc.)
D. Use and regularly update anti-virus software or programs - ANSWER- Correct
Answer: C
PCI DSS Requirement 5
A. Use and regularly update anti-virus software or programs
B. Protected Cardholder Data during transmission over the internet, wireless networks
or other open access
networks or systems (GSM, GPRS, etc.)
C. Protect stored cardholder data by enacting a formal data retention policy and
implement secure deletion
methods
D. Do not use vendor supplied defaults for system passwords and other security
parameters - ANSWER- Correct Answer: A
PCI DSS Requirement 6
A. Use and regularly update anti-virus software or programs
B. Develop and maintain secure systems and applications
C. Assign a unique ID to each person with computer access
D. Restrict access to cardholder data by business need to know - ANSWER- Correct
Answer: B
Category | exam bundles |
Comments | 0 |
Rating | |
Sales | 1 |