PCI CPSA Exam Practice Test Instant Access

Question 1

A vendor wants to know if they will be penalized if their vault is not compliant. Who should they ask?

APCI SSC

BAssessor

CIssuing banks

DPayment brands

Answer : B

Question 2

Which of the following must be used by the vendor to protect doors that provide access to buildings containing air conditioning equipment?

ASecurity tape that will leave an observable trace each time a door is opened

BElectrical contacts that log each open and close event to a secure system memory

CMagnetic contacts that are permanently alarmed and that are connected to the security control-room panels

DPhysical locks with a limited set of keys under constant supervision by a guard in the security control-room

Answer : D

Question 3

For how long must a vendor retain all applicant and employee background information on file?

AFor at least 12 months after termination of the contract of employment

BFor at least 18 months after termination of the contract of employment

CFor at least 24 months after termination of the contract of employment

DIt is not a requirement to store this information beyond termination of the contract

Answer : C

Question 4

During an assessment you walk the perimeter of the building with a guard you find an emergency exit door from the facility and ask the guard what is on the other side. The guard can't remember, and so uses their assigned, secure key to open the door and show you a corridor within the facility. What most concerns you about the situation?

AThe exit door should not lead into the facility

BThe exit door should not be capable of being opened from the outside

CThe guard should not have forgotten where the door leads to

DThe guard should have sought permission from their manager before opening the door

Answer : D

Question 5

You are driving to a vendor for their first assessment. The facility is in a rural area, twenty miles away from the nearest large town. What most concerns you about the location?

AThe local fire service may not be able to reach the facility within 15 minutes

BLaw enforcement services may not be able to reach the facility in a timely manner

CPower blackouts may affect security systems

DThere may not be adequate retail outlets, which may cause problems when sourcing lunch items for onsite personnel

Answer : B

Question 6

After reviewing their completed ROC and AOC, which state that they are compliant, the vendor wishes to be listed on PCI SSC's list of Compliant Card Vendors. How should you assist them with the listing process?

ASubmit the full ROC to PCI SSC

BSubmit only the AOC to PCI SSC

CInform the vendor that PCI SSC does not list compliant vendors

DInform the vendor that they must request a listing via the payment brand(s) that received their ROC

Answer : D

Question 7

Who performs regular AQM audits of CPSA companies?

AIssuing banks

BPayment brands

CPCI SSC

DVendor

Answer : C

PCI Card Production Security Assessor (CPSA) Qualification CPSA Exam Practice Test