CPSA_P_New Exam Dumps : Card Production Security AssessorCPSA Physical NewExam

 According to the PCI Card Production and Provisioning Physical Security Requirements, emergency exit doors must be equipped with devices that prevent unauthorized entry from the outside, such as panic bars, crash bars, or push pads. These devices allow the door to be opened from the inside without a key or a code, but prevent the door from being opened from the outside by unauthorized persons. Therefore, the most concerning aspect of the situation is that the exit door can be opened from the outside with a key, which creates a security risk for the facility. The other options are not as concerning, as they do not directly affect the security of the exit door. The exit door can lead into the facility as long as it provides a safe and unobstructed path to the exit discharge. The guard’s memory lapse is not a major issue, as long as they follow the proper proceduresand protocols for opening the door. The guard’s permission from their manager is not relevant, as long as they have the authority and the responsibility to open the door for inspection purposes. References:

• PCI Card Production and Provisioning Physical Security Requirements, Version 1.0, April 2019, page 171
• PCI Card Production and Provisioning Physical Security Requirements, Version 1.0, April 2019, page 181

According to the PCI Card Production Physical Security Requirements, one of the security controls for contracted guard services is to ensure that they maintain their own liability insurance in case of losses to card material. This is to protect the card production vendor from any financial losses or damages caused by the contracted guard service, such as negligence,theft, or misuse of card material. The contracted guard service should also comply with the vendor’s security policies and procedures, and undergo background checks and security training. References: PCI Card Production Physical Security Requirements, Version 1.0, April 2019, Section 1.1, Objective 2, Requirement 2.2.1, Page 71

According to the PCI Card Production and Provisioning Physical Security Requirements, the HSA Access Control system must enforce both dual control and dual presence principles. Dual control means that at least two authorized individuals must act together to perform a critical function or access a sensitive area. Dual presence means that at least two authorized individuals must be physically present in the same area at all times. These principles are intended to prevent unauthorized or fraudulent activities by requiring mutual supervision and accountability. Therefore, the HSA Access Control system must ensure that no single individual can enter, exit, or operate within the HSA without the cooperation and the presence of another authorized individual. References:

• PCI Card Production and Provisioning Physical Security Requirements, Version 1.0, April 2019, page 121
• PCI Card Production and Provisioning Physical Security Requirements, Version 1.0, April 2019, page 131