Where can live PANs be used for testing?

• A.Production (live) environments only
• B.Pre-production (test) environments only if located outside the CDE.
• C.Pre-production environments that are located within the CDE
• D.Testing with live PANs must only be performed in the QSA Company environment

Comment: *

Name: *

Email: *

Verification: *

PCI DSS Requirement 12.7 requires screening and background checks for which of the following?

• A.All personnel employed by the organization
• B.Personnel with access to the cardholder data environment.
• C.Visitors with access to the organization s facilities
• D.Cashiers with access to one card number at a time

Comment: *

Name: *

Email: *

Verification: *

Which statement about the Attestation of Compliance (AOC) is correct?

• A.There are different AOC templates for service providers and merchants
• B.The AOC must be signed by both the merchant/service provider and by PCI SSC
• C.The same AOC template is used for ROCs and SAQs
• D.The AOC must be signed by either the merchant service provider or the QSA'ISA

Comment: *

Name: *

Email: *

Verification: *

What should the assessor verify when testing that cardholder data is protected whenever it is sent over open public networks?

• A.The security protocol is configured to accept all digital certificates
• B.A proprietary security protocol is used
• C.The security protocol accepts only trusted keys
• D.The security protocol accepts connections from systems with lower encryption strength than required by the protocol

Comment: *

Name: *

Email: *

Verification: *

Which of the following statements is true regarding track equivalent data on the chip of a payment card?

• A.It is allowed to be stored by merchants after authorization if encrypted
• B.It is sensitive authentication data
• C.It is out of scope for PCI DSS
• D.It is not applicable for PCI DSS Requirement 3.2

Comment: *

Name: *

Email: *

Verification: *