PCI CPSA Exam Practice Test Instant Access

Question 1

Which of the follow best describes a Technical FAQ?

ATechnical FAQs only apply to the specific technology as the FAQ defines it

BTechnical FAQs can be submitted to PCI SSC at any time

CUse of the Technical FAQs is mandatory, they shall be used during an assessment

DUse of the Technical FAQs is optional, they are considered guidance

Answer : D

Question 2

After reviewing their completed ROC and AOC, which state that they are compliant, the vendor wishes to be listed on PCI SSC's list of Compliant Card Vendors. How should you assist them with the listing process?

ASubmit the full ROC to PCI SSC

BSubmit only the AOC to PCI SSC

CInform the vendor that PCI SSC does not list compliant vendors

DInform the vendor that they must request a listing via the payment brand(s) that received their ROC

Answer : D

Question 3

Which of the following statements is true about the facility's non-emergency exits?

AThey must be contact-alarm monitored only when card production activities are taking place

BThey must be configured to prevent staff tailgating

CThey may be left unlocked when a guard is present

DThey must be fitted with biometric access-control devices

Answer : B

Question 4

Who performs regular AQM audits of CPSA companies?

AIssuing banks

BPayment brands

CPCI SSC

DVendor

Answer : C

Question 5

For how long must a CPSA Company maintain workpapers and technical information obtained during an assessment?

AUntil each applicable payment brand has accepted (and signed off) the ROC and AOC

BAs long as the entity under assessment is a client of the CPSA Company

C3 years

D1 year

Answer : C

Question 6

Which of these is a requirement of the security control room?

AAccess must be controlled by a physical key (in case of power-failure)

BAccess must be monitored in real-time

CAt least one guard must be present at all times

DDual-control must be used to grant entry

Answer : D

Question 7

When must HSA motion detectors generate an alarm event?

AEach time movement is detected

BEach time movement is detected outside of regular business hours

CEach time movement is detected and the access-control system indicates the room is occupied

DEach time movement is detected and the access-control system indicates the room is not occupied

Answer : D

PCI CPSA Card Production Security Assessor (CPSA) Qualification Exam Practice Test