PCIP3.0問題集PDFでPCIP3.0リアル試験問題解答
時間限定!今すぐ試そうPCIP3.0試験 [2023] 問題集でPCIのPDF問題
質問 # 37
Protect stored cardholder data is the ____________
- A. Requirement 4
- B. Requirement 5
- C. Requirement 2
- D. Requirement 3
正解:D
質問 # 38
SELECT ALL THAT APPLY
To be compliant with requirement 9.9 an updated list of all card-reading devices used in card-present transactions at the point of sale must be kept by June 30 2015 including the following:
- A. Make, model of device
- B. Device serial number or other unique identification
- C. Location of device
- D. Proof of purchase
正解:A、B、C
質問 # 39
Which of the below functions is associated with Acquirers?
- A. Provide clearing services to a merchant
- B. Provide settlement services to a merchant
- C. Provide authorization services to a merchant
- D. All of the options
正解:D
質問 # 40
Information Supplements provided by the PCI SSC "supersede" or replace PCI DSS requirements
- A. True
- B. False
正解:B
質問 # 41
An audit trail history should be available immediately for analysis within a minimum of
- A. 1 year
- B. 6 months
- C. 30 days
- D. 3 months
正解:D
質問 # 42
PCI compliance do not apply on Virtualized environments
- A. True
- B. False
正解:B
質問 # 43
Entities involved in payment card processing via mobile devices (like a phone or tablet) can reduce the risks to the security of cardholder data by:
- A. Storing account data withing the mobile device
- B. Imputing account data directly into mobile device
- C. Encrypting account data at the point of capture using an approved point of interaction device
- D. Encrypting account data within the mobile device using an approved encryption application
正解:C
質問 # 44
It's NOT required that all four quarters of passing scan in order to meet requirement 11.2
- A. True
- B. False
正解:B
質問 # 45
Do not use vendor-supplied defaults for system passwords and other security parameters is the
___________
- A. Requirement 4
- B. Requirement 1
- C. Requirement 3
- D. Requirement 2
正解:D
質問 # 46
Imprint-Only Merchants with no electronic storage of cardholder data may be eligible to use which SAQ?
- A. SAQ B
- B. SAQ C/VT
- C. SAQ A
- D. SAQ D
正解:A
質問 # 47
In order to be considered a compensating control, which of the following must exist:
- A. A legitimate technical constraint and a documented business constraint
- B. A legitimate technical constraint or a documented business constraint
- C. A documented business constraint
- D. A legitimate technical constraint
正解:B
質問 # 48
Which of the following entities will ultimately approve a purchase?
- A. Merchant
- B. Acquiring Bank
- C. Payment Transaction Gateway
- D. Issuing Bank
正解:D
質問 # 49
PCI Requirement 12.6 requires personnel to acknowledge at least _______ that they have read and understood the security policy and procedures.
- A. Once during their employment
- B. Annually
- C. Every six months
- D. Quarterly
正解:B
質問 # 50
To whom is Self-Assessment Question naire (SAQ) A intended for?
- A. Merchants with Web-Based Virtual Payment Terminals-No Electronic Cardholder Data Storage
- B. Merchants with Only Imprint Machines or Only Standalone, Dial-out Terminals- No Electronic
Cardholder Data Storage Merchants with Only Imprint Machines or Only Standalone, Dial-out Terminals
No Electronic Cardholder Data Storage Merchants with Only Imprint Machines or Only Standalone,
Dial-out Terminals- No Electronic Cardholder Data Storage Merchants with Only Imprint Machines or
Only Standalone, Dial-out Terminals- No Electronic Cardholder Data Storage Merchants with Only
Imprint Machines or Only Standalone, Dial-Out Terminals - No Electronic Cardholder Data Storage - C. Merchants with Payment Application Systems Connected to the Internet-No Electronic Cardholder
Data Storage Merchants with Payment Application Systems Connected to the Internet- No Electronic
Cardholder Data Storage Merchants with Payment Application Systems Connected to the Internet-No
Electronic Cardholder Data Storage Merchants with Payment Application Systems Connected to the
Internet-No Electronic Cardholder Data Storage Merchants with Payment Application Systems
Connected to the Internet - No Electronic Cardholder Data Storage - D. Card-not-present Merchants, All Cardholder Data Functions Fully Outsourced
正解:D
質問 # 51
Which of the following lists the correct "order" for the flow of a payment card transaction?
- A. Clearing, Authorization, Settlement
- B. Authorization, Settlement, Clearing
- C. Authorization, Clearing, Settlement
- D. Clearing, Settlement, Authorization
正解:C
質問 # 52
Who can perform quarterly external vulnerability scans meeting requirement 11.2.2?
- A. IT Security personnel
- B. Any employee
- C. Approved Scanning Vendor (ASV) approved by PCI SSC
- D. Qualified personnel
正解:C
質問 # 53
To render PAN unreadable anywhere it is stored one-way hashes must be implemented based on strong cryptography on
- A. on half of the PAN
- B. the entire PAN
- C. on the first half of the PAN
- D. on the last half of the PAN
正解:B
質問 # 54
What is the NIST standards that provides password complexity requirements
- A. 800-61
- B. 800-63
- C. 800-57
- D. 800-53
正解:B
質問 # 55
Restrict physical access to cardholder data is the _________
- A. Requirement 8
- B. Requirement 10
- C. Requirement 7
- D. Requirement 9
正解:D
質問 # 56
Restrict access to cardholder data by business need-to-know
- A. Requirement 8
- B. Requirement 9
- C. Requirement 10
- D. Requirement 7
正解:D
質問 # 57
......
PCIP3.0プレミアム試験エンジンとPDFダウンロード:https://www.jpntest.com/shiken/PCIP3.0-mondaishu