Which of the following statements is true regarding track equivalent data on the chip of a payment card?
A. It is out of scope for PCI DSS
B. It is sensitive authentication data
C. It is allowed to be stored by merchants after authorization if encrypted
D. It is not applicable for PCI DSS Requirement 3.2
Correct answer: B
Question 2:
An internal NTP server that provides time services to the Cardholder Data Environment is?
A. Only in scope if it stores, processes or transmits cardholder data
B. In scope for PCI DSS
C. Not in scope for PCI DSS
D. Only in scope if it provides time services to database servers.
Correct answer: B
Question 3:
At which step in the payment transaction process does the merchant's bank pay the merchant for the purchase and the cardholder's bank bill the cardholder?
A. Clearing
B. Authorization
C. Settlement
D. Chargeback
Correct answer: C
Question 4:
Which statement is true regarding the use of intrusion detection techniques, such as intrusion detection systems and/or intrusion protection systems (IDS/IPS)?
A. Intrusion detection techniques are required to isolate systems in the cardholder data environment from all other systems
B. Intrusion detection techniques are required on all system components
C. Intrusion detection techniques are required to identify all instances of cardholder data
D. Intrusion detection techniques are required to alert personnel of suspected compromises
Correct answer: D
Question 5:
PCI DSS Requirement 12.7 requires screening and background checks for which of the following?
A. All personnel employed by the organization
B. Cashiers with access to one card number at a time
C. Personnel with access to the cardholder data environment.
D. Visitors with access to the organization's facilities
Correct answer: C
藤木** -
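This is an exam you can pass by going through the past questions a few times and memorizing them to some extent, but I wanted to learn how to think about security in the first place, so I read through this book. I passed without any trouble.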