New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

PCI SSC Certification Changed Assessor_New_V4 Questions

Assessor_New_V4 Exam Questions and Answers

Question 5

Security policies and operational procedures should be?

Options:

A.

Encrypted with strong cryptography

B.

Stored securely so that only management has access

C.

Reviewed and updated at least quarterly

D.

Distributed to and understood by all affected parties

Question 6

In the ROC Repotting Template, which of the following is the best approach for a response where the requirement was in Place’’?

Options:

A.

Details of the entity s project plan for implementing the requirement

B.

Details of how the assessor observed the entity s systems were compliant with the requirement

C.

Details of the entity s reason for not implementing the requirement

D.

Details of how the assessor observed the entity s systems were not compliant with the requirement

Question 7

Which scenario meets PCI DSS requirements for restricting access to databases containing cardholder data?

Options:

A.

User access to the database is only through programmatic methods

B.

User access to the database is restricted to system and network administrators

C.

Application IDs for database applications can only be used by database administrators

D.

Direct queries to the database are restricted to shared database administrator accounts

Question 8

If segmentation is being used to reduce the scope of a PCI DSS assessment the assessor will?

Options:

A.

Verify the segmentation controls allow only necessary traffic into the cardholder data environment.

B.

Verify the payment card brands have approved the segmentation

C.

Verify that approved devices and applications are used for the segmentation controls

D.

Verify the controls used for segmentation are configured properly and functioning as intended