PCI Compliance Test! Trivia Quiz
10 Questions
| Total Attempts: 7413
(106).jpg "PCI Compliance Test! Trivia Quiz")
Below is a PCI compliance test! If you want to pay your bill using your credit or debit card, you want to know that your information will not be used for other reasons other than the transactions you have verified to do. Take this quiz and get to see some of the major PCI guidelines and how effective they actually are.
Questions and Answers
- 1.A commercial payment product has been PA-DSS 1.2.1 validated by a PA-QSA. It is also listed on the PCI Security Standards Council Website as a validated payment application. As a result, the product is guaranteed to be PCI-DSS compliant when deployed in the merchant’s environment.
- A.
True
- B.
False
- 2.Track Data can not be stored in a payment application after authorization.
- A.
True
- B.
False
- 3.A customer is using an operating system (OS) that is no longer supported by the OS vendor. However, payment vendor can PA-DSS validate payment product on the unsupported OS using compensating controls which is allowed under the rules of PA-DSS
- A.
True
- B.
False
- 4.It is acceptable to store the PAN# in clear text as long as the PAN# is purged after authorization.
- A.
True
- B.
False
- 5.Strong passwords are used to mitigate brute force attacks. Typically strong passwords are at least 7 characters long, contain alpha, numeric, special and upper lower case
- A.
True
- B.
False
- 6.Encryption key management is an optional PA-DSS requirement to be used only if the customer requests encryption requirements above and beyond PCI.
- A.
True
- B.
False
- 7.Starting January 1, 2012, merchants will have to validate their CDE to PCI-DSS 2.0. As a result, payment software validated against PA-DSS 1.2.1 will no longer be valid after December 31, 2011.
- A.
True
- B.
False
- 8.If a payment product is deployed in such away at the customers CDE, that the payment product never stores,processes or handles credit card data, PA-DSS is not in scope. Examples of this include products that only process loyalty cards.
- A.
True
- B.
False
- 9.A PA-DSS policy exception should be used to document a security breach when card data is stolen.
- A.
True
- B.
False
- 10.A PCI pre-engagement check list form is used to determine if a payment vendor's PA-DSS validated application can meet the PCI-DSS requirements of a merchant customer. For example, determine if the customer is using an OS that the vendor's payment application was PA-DSS validated against.
- A.
True
- B.
False
This is a PCI compliance training test! Being that we are living in a paperless society, credit and debit cards are the most used ways of payments, and establishments need to follow some regulations to ensure the safety of the...
Questions: 10 | Attempts: 3838 | Last updated: Jul 21, 2020
-
Sample QuestionPCI DSS was created by the major credit card companies.
Below is a compliance 101: trivia test questions! It is perfect for anyone who wants to add on to their knowledge when it comes to compliance with laid down internal and external policies. Do take up the quiz below and get to see...
Questions: 7 | Attempts: 1722 | Last updated: Sep 24, 2020
-
Sample QuestionThe OIG performs all of the following EXCEPT:
Can you pass the export compliance test? There are a lot of rules that are put in place to ensure that before something leaves a country, it has gone through different checks and does not pose a danger to people. Do take up the...
Questions: 20 | Attempts: 1583 | Last updated: Jan 24, 2020
-
Sample QuestionTrue or False: Exporting ITAR/EAR controlled data to foreign persons usually requires a license.
Back to top