Question 1

An organization has multiple business locations, each with its own payment processing setup. Some locations process card-present transactions using point-of-sale (POS) terminals, while others handle e-commerce transactions through their website. As a PCI Professional, which Self-Assessment Questionnaire (SAQ) would be most appropriate for the organization's overall PCI DSS compliance assessment?

Options :

A : SAQ B

B : SAQ A-EP

C : SAQ D

D : SAQ P2PE

Answer: C

Question 2

Which appendix is designed for Sample Templates to Support Customized Approach

Options :

A : Appendix F

B : Appendix E

C : Appendix C

D : Appendix B

Answer: B

Question 3

Requirement 6.5.2 dictates what?

Options :

A : All payment page scripts that are loaded and executed in the consumer’s browser are managed as follows

B : Upon completion of a significant change, all applicable PCI DSS requirements are confirmed to be in place on all new or changed systems and networks, and documentation is updated as applicable

C : Changes to all system components in the production environment are made according to established procedures that include

D : For public-facing web applications, new threats and vulnerabilities are addressed on an ongoing basis and these applications are protected against known attacks

Answer: B

Question 4

Who is the most recent payment brand?

Options :

A : Visa

B : Union Pay

C : Mastercard

D : JCB International

Answer: B

Question 5

An entity has a visitor attending their premises. Part of this visit includes entering a secure server room which houses the CDE. Out of the following, which applies?

Options :

A : The visitor must ensure they tell suitable staff where they are going when not being escorted

B : The visitor must be escorted at all times

C : The visitor can attend any location on their own if they are carrying out an assessment

D : The visitor should never be able to access a server room which houses CDE, regardless of their job or reason

Answer: B