PCI
CPSA
Q1:
Which of the following statements about unsolicited visitors is true?
○
A
They must be turned away○
B
They must complete an NDA before entry is granted○
C
They must be able to prove a legitimate reason for their visit prior to entry○
D
They must be registered, their identities confirmed, and must be allocated an escort before entry
PCI
CPSA
Q2:
Which of the following personnel changes must result in the vendor notifying the Vendor Program Administration (VPA)?
○
A
Adding additional rights to someone's role to give them access to the mam production vault○
B
Any change to a role that directly affects the security of card products and related components○
C
Hiring someone that will directly interact with the card issuers○
D
Promoting someone to senior management level
PCI
CPSA
Q3:
Who is required to approve visitor entry to the HSA or cloud-based provisioning environment?
○
A
The head of the vendor facility○
B
The Security Manager○
C
Both the Security Manager and the Production Manager○
D
The Security Manager, Production Manager, and the head of the vendor facility
PCI
CPSA
Q4:
To liberate a person detected inside of the inner shipping delivery room and stop the alarm, the software monitoring the access-control system must only allow the opening of which door?
○
A
The external facing door○
B
The internal facing door○
C
The last activated door○
D
The least secure door
PCI
CPSA
Q5:
Which document describes the results of an assessment, and is signed by both the assessor and the vendor executive officer?
○
A
Security Assessment Questionnaire (SAQ)○
B
Attestation of Compliance (AOC)○
C
Report on Compliance (ROC)○
D
Letter of Approval (LOA)