- All Exams Instant Download
When must HSA motion detectors generate an alarm event?
When must HSA motion detectors generate an alarm event?A . Each time movement is detectedB . Each time movement is detected outside of regular business hoursC . Each time movement is detected and the access-control system indicates the room is occupiedD . Each time movement is detected and the access-control...
Why might this cause a problem for their assessment?
The vendor's technical documentation shows that the alarm system does not send alerts to the security control room. After a discussion you learn that the alarm works perfectly, and sends a clear signal to summon the local police every time an emergency exit is opened. Why might this cause a...
Where can misprinted, partially finished cards be shredded?
Where can misprinted, partially finished cards be shredded?A . In any HSA room approved by the security managerB . Either in the HSA printing room or destruction roomC . Only in the HSA destruction roomD . Either in the HSA destruction room or a loading bay that meets all requirements...
An assessor is unsure if log review and interview is sufficient testing for a requirement. Who can best answer this question?
An assessor is unsure if log review and interview is sufficient testing for a requirement. Who can best answer this question?A . Payment brandsB . Issuing banksC . VendorD . PCI SSCView AnswerAnswer: D Explanation: The PCI SSC (Payment Card Industry Security Standards Council) is the organization that develops and...
What most concerns you about the location?
You are driving to a vendor for their first assessment. The facility is in a rural area, twenty miles away from the nearest large town. What most concerns you about the location?A . The local fire service may not be able to reach the facility within 15 minutesB . Law...
What is your conclusion?
During an assessment you do a walk-through of bringing card products into the HSA using the goods-tools trap. You act as production staff, using an empty cardboard box as the card products. During the process, the guard escorts you, along with the box, into the pre-press room. What is your...
A vendor wants to know if they will be penalized if their vault is not compliant. Who should they ask?
A vendor wants to know if they will be penalized if their vault is not compliant. Who should they ask?A . PCI SSCB . AssessorC . Issuing banksD . Payment brandsView AnswerAnswer: D Explanation: The PCI SSC does not enforce compliance, nor does it mandate penalties for non-compliance. Compliance with...
Which of these is a requirement of the security control room?
Which of these is a requirement of the security control room?A . Access must be controlled by a physical key (in case of power-failure)B . Access must be monitored in real-timeC . At least one guard must be present at all timesD . Dual-control must be used to grant entryView...
A vendor is unsure which forms are needed to complete an assessment. Who should they ask?
A vendor is unsure which forms are needed to complete an assessment. Who should they ask?A . AssessorB . Issuing banksC . Payment brandsD . PCI SSCView AnswerAnswer: A Explanation: The assessor is the person who conducts the PCI Card Production Security Assessment and prepares the Card Production Report on...
You note this as non- compliant, why?
During an assessment you ask to see employee records for employees with access to the HSA. The records include information about the screening process, including background information from the employee application process. The oldest background Information that is available is for an employee that left the vendor (terminated their contract)...
