Question 1

A "Partial Assessment" is a new assessment definition. What is defined as a "Partial Assessment"?

Options :

A : An assessment with at least one requirement that is marked as "Not Tested".

B : A terminology that is used by the payment brands and the acquirers to define entities that have multiple payment channels. Each channel has its own assessment

C : An intermidiary state before the final ROC has been completed.

D : A ROC that has been completed after using an SAQ to determine which requirements should be tested, as per FAQ 1331. (As long as the entity meets the SAQ’s eligibility criteria).

Answer: A

Question 2

PCI-DSS Requirements 5 stats that antivirus software must be:

Options :

A : Installed on systems even those not commonly affected by malware

B : Updates at least annually

C : Installed on systems commonly affected by the malware

D : Configured to allow users to disable it as desired

Answer: C

Question 3

Storing track data "long term" or "persistently" is permitted when_______.

Options :

A : It is being stored by the issuers

B : It is hashed by the merchants storing it.

C : It is encrypted by the merchant storing it.

D : It is reported to the PCI SSC annually in a ROC

Answer: A

Question 4

After the 31 of the March 2025, how frequent must you review the system and application account privileges?

Options :

A : At every quarter.

B : There are no requirements for system accounts, so they should never.

C : Biannually

D : Periodically. The frequency is defined in the TRA (targeted risk analysis) of the entity-s .

Answer: D

Question 5

Level 1 and 2 merchants must include_______ as the part of their PCI-DSS compliance validation reporting process?

Options :

A : Sensitive authentication data (SAD)

B : A copy of their risk assessment

C : A report from their QSA

D : ASV scan results

Answer: D

Smartly Prepare Exam with Free Online QSA_New Practice Test

Buying Options: