PCI CPSA Exam Practice Test Instant Access

Question 1

Which of the follow best describes a Technical FAQ?

ATechnical FAQs only apply to the specific technology as the FAQ defines it

BTechnical FAQs can be submitted to PCI SSC at any time

CUse of the Technical FAQs is mandatory, they shall be used during an assessment

DUse of the Technical FAQs is optional, they are considered guidance

Answer : D

Question 2

Which of the following security awareness measures is required for compliance?

AAnnual training on common attack methods

BAnnual training on use of mantraps

CSecurity awareness exams for all personnel

DSecurity posters must be placed in the facility

Answer : C

Question 3

The receptionist responsible for the entrance and departure of visitors must have which of the following?

AA shredder for the destruction of disposable visitor badges

BA constant, open communication channel with a guard

CAn unobstructed view of the reception area at all times

DA means of communicating directly with the visitor while on the premises

Answer : C

Question 4

Which of the following must be used by the vendor to protect doors that provide access to buildings containing air conditioning equipment?

ASecurity tape that will leave an observable trace each time a door is opened

BElectrical contacts that log each open and close event to a secure system memory

CMagnetic contacts that are permanently alarmed and that are connected to the security control-room panels

DPhysical locks with a limited set of keys under constant supervision by a guard in the security control-room

Answer : D

Question 5

If a vendor plans to terminate an employee, which of these must be done?

AThe employee must be escorted from the premises immediately

BThe employee's locker and desk must be searched prior to termination

CThe Human Resources department must be notified prior to termination

DThe security manager must be notified in writing prior to termination

Answer : C

Question 6

For how long must a CPSA Company maintain workpapers and technical information obtained during an assessment?

AUntil each applicable payment brand has accepted (and signed off) the ROC and AOC

BAs long as the entity under assessment is a client of the CPSA Company

C3 years

D1 year

Answer : C

Question 7

A card production vendor employs a contracted guard service from an outside source. What is one of the responsibilities of the contracted service?

AProvide only certified guards

BRegister their service with the VPA

CMaintain their own liability insurance in case of losses to card material

DUndergo their own Card Production assessment and provide evidence of a passing result

Answer : C

PCI Card Production Security Assessor (CPSA) Qualification Exam Practice Test