PCI Compliance Quiz 2018

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Mvalence
M
Mvalence
Community Contributor
Quizzes Created: 1 | Total Attempts: 139
| Attempts: 139
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/8 Questions

    Computers are to be locked when you are away from your work area?

    • True
    • False
Please wait...
About This Quiz

Please complete the required quiz for the Department of Education's PCI compliance requirement in the year 2018.

PCI Compliance Quiz 2018 - Quiz

Quiz Preview

  • 2. 

    How many requirements does PCI DSS have?

    • 10

    • 12

    • 24

    • 9

    Correct Answer
    A. 12
    Explanation
    PCI DSS, which stands for Payment Card Industry Data Security Standard, is a set of security standards that organizations must follow to protect cardholder data. The correct answer is 12 because PCI DSS has 12 main requirements that cover various aspects of data security, such as maintaining a secure network, protecting cardholder data, implementing strong access control measures, regularly monitoring and testing networks, and maintaining an information security policy. These requirements are designed to ensure that organizations handling cardholder data maintain a high level of security to prevent data breaches and protect sensitive information.

    Rate this question:

  • 3. 

    Storage containers used for materials that are to be destroyed do not need to be secured (ex. not locked)?

    • True

    • False

    Correct Answer
    A. False
    Explanation
    All hard-copy materials must be stored in storage containers that are secure.

    Rate this question:

  • 4. 

    A potential security breach might include a User ID being given out or stolen.

    • True

    • False

    Correct Answer
    A. True
    Explanation
    A potential security breach refers to a situation where unauthorized access or disclosure of sensitive information occurs. In this case, if a User ID is given out or stolen, it can lead to a security breach as it allows unauthorized individuals to access a user's account or personal information. This can result in identity theft, unauthorized transactions, or other malicious activities. Therefore, the statement "A potential security breach might include a User ID being given out or stolen" is true.

    Rate this question:

  • 5. 

    Personnel who have specific roles with EIS or Card Holder Data are required to participate in an annual training for PCI compliance?

    • True

    • False

    Correct Answer
    A. True
    Explanation
    Personnel who have specific roles with EIS or Card Holder Data are required to participate in an annual training for PCI compliance because it is crucial for them to understand the security protocols and measures necessary to protect cardholder data. This training ensures that they are aware of their responsibilities and are equipped with the knowledge to handle sensitive information securely. By participating in annual training, these personnel can stay updated with the latest security practices and help maintain PCI compliance within the organization.

    Rate this question:

  • 6. 

    Please check all that apply: Onsite personnel and visitors must:

    • Be identified and given a badge that distinguishes them from onsite personnel

    • Use of a visitor badge or state ID does NOT permit unescorted access to physical locations where Card Holder Data (CHD) is processed

    • Visitors or onsite employees ARE able to be unescorted in physical locations where Card Holder Data (CHD) is processed

    • Visitors or onsite employees are NOT required to have an identifying badge

    Correct Answer(s)
    A. Be identified and given a badge that distinguishes them from onsite personnel
    A. Use of a visitor badge or state ID does NOT permit unescorted access to physical locations where Card Holder Data (CHD) is processed
    Explanation
    The correct answer is "Be identified and given a badge that distinguishes them from onsite personnel" and "Use of a visitor badge or state ID does NOT permit unescorted access to physical locations where Card Holder Data (CHD) is processed". This means that both onsite personnel and visitors must be identified and given a badge that sets them apart from regular onsite personnel. Additionally, even if a visitor has a visitor badge or state ID, they still cannot access areas where Card Holder Data is processed without being escorted.

    Rate this question:

  • 7. 

    Please check all that apply; Best Practices for Credit Card Processing include;

    • Segregate duties when possible

    • Remember to never store payment card data in any form

    • Only allow employees who have a legitimate business need to access cardholder information

    • Each user needs their own user ID coupled with a secure password that is changed regularly

    • Restrict physical access to areas where credit card information is handled and stored

    Correct Answer(s)
    A. Segregate duties when possible
    A. Remember to never store payment card data in any form
    A. Only allow employees who have a legitimate business need to access cardholder information
    A. Each user needs their own user ID coupled with a secure password that is changed regularly
    A. Restrict physical access to areas where credit card information is handled and stored
    Explanation
    The best practices for credit card processing include segregating duties when possible, not storing payment card data in any form, only allowing employees with a legitimate business need to access cardholder information, each user having their own user ID coupled with a secure password that is changed regularly, and restricting physical access to areas where credit card information is handled and stored. These practices help to ensure the security and integrity of credit card transactions, protect cardholder information, and prevent unauthorized access and data breaches.

    Rate this question:

  • 8. 

    Please check all that apply: How do I protect cardholder data?

    • Credit card receipts must only show the last 4 digits

    • Have security policies and procedures in place

    • Test the system with a live credit card (PAN)

    • Limit this to only those who need this information to do their jobs

    Correct Answer(s)
    A. Credit card receipts must only show the last 4 digits
    A. Have security policies and procedures in place
    A. Limit this to only those who need this information to do their jobs
    Explanation
    The correct answer options provide effective measures for protecting cardholder data. By only showing the last 4 digits of credit card numbers on receipts, the risk of unauthorized access to sensitive information is minimized. Having security policies and procedures in place ensures that proper protocols are followed to safeguard cardholder data. Limiting access to this information to only those who require it for their job roles further reduces the chances of data breaches or misuse. These measures collectively contribute to protecting cardholder data from potential threats.

    Rate this question:

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Mar 13, 2018
    Quiz Created by
    Mvalence
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.