March Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

PCI SSC CPSA Card Production Security Assessor (CPSA) Qualification Exam Exam Practice Test

Page: 1 / 0
Total 0 questions

Card Production Security Assessor (CPSA) Qualification Exam Questions and Answers

Question 1

Who is required to approve visitor entry to the HSA or cloud-based provisioning environment?

Options:

A.

The head of the vendor facility

B.

The Security Manager

C.

Both the Security Manager and the Production Manager

D.

The Security Manager, Production Manager, and the head of the vendor facility

Question 2

A vendor has a list of pre-approved third parties which may be granted access to the facility. Under what circumstances can other third-parties be granted access?

Options:

A.

None, only people on the pre-approved list may enter

B.

When they are approved by the physical security manager or senior management

C.

When the third party s liability insurance covers the risk

D.

When no card production activities are taking place

Question 3

For how long must a CPSA Company maintain workpapers and technical information obtained during an assessment?

Options:

A.

Until each applicable payment brand has accepted (and signed off) the ROC and AOC

B.

As long as the entity under assessment is a client of the CPSA Company

C.

3 years

D.

1 year

Question 4

You wish to check that you are using the most current version of the Card Production requirements. What should you do?

Options:

A.

Have the CPSA Company’s point of contact request the document

B.

Download it from PCI SSC’s Document Library

C.

Email a request for the document to PCI SSC

D.

View it directly via PCI SSC Assessor Portal

Question 5

Which of the following personnel changes must result in the vendor notifying the Vendor Program Administration (VPA)?

Options:

A.

Adding additional rights to someone’s role to give them access to the mam production vault

B.

Any change to a role that directly affects the security of card products and related components

C.

Hiring someone that will directly interact with the card issuers

D.

Promoting someone to senior management level

Question 6

A vendor puts cardholder information into a chip by sliding a payment card through a machine that programs it and verifies the data. The chip can make contactless transactions. Which of the following best describes the vendor’s activity?

Options:

A.

Card personalization

B.

Host Card Emulation (HCE) provisioning

C.

Secure Element (SE) provisioning

D.

Fulfillment

Question 7

To liberate a person detected inside of the inner shipping delivery room and stop the alarm, the software monitoring the access-control system must only allow the opening of which door?

Options:

A.

The external facing door

B.

The internal facing door

C.

The last activated door

D.

The least secure door

Page: 1 / 0
Total 0 questions