Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

PCI SSC CPSA - Card Production Security Assessor (CPSA)Qualification Exam

PCI SSC CPSA Premium Access     Download Demo    
Page: 2 / 2
Total 50 questions

Before you go on-site, the vendor’s primary contact communicates a legitimate reason for delaying the assessment for several months. Who can approve the change in the report delivery schedule?

A.

Vendor senior management

B.

Payment brands

C.

Affected issuers

D.

PCI SSC

Which document describes the results of an assessment, and is signed by both the assessor and the vendor executive officer?

A.

Security Assessment Questionnaire (SAQ)

B.

Attestation of Compliance (AOC)

C.

Report on Compliance (ROC)

D.

Letter of Approval (LOA)

In which of the following locations must the CCTV and access control servers be located?

A.

Within the Security Control Room (SCR)

B.

Within a room in the HSA with security controls equivalent to the SCR applied

C.

Within the SCR or a room with equivalent security

D.

Within the secure server room inside of the HSA

A vendor uses codes from a chip manufacturer to ‘unlock’ chips and prepare them for use by adding applications and keys. Which of the following best describes this process?

A.

Data creation

B.

Data preparation

C.

Manufacture

D.

Pre-personalization

A vendor hosts virtual secure elements holding cardholder information in their data center. When a cardholder makes a purchase, the vendor creates a payment token which is sent to the cardholder’s mobile device. Which of the following best describes the vendor’s activities?

A.

Card personalization

B.

Host Card Emulation (HCE) provisioning

C.

Secure Element (SE) provisioning

D.

Over-the-air (OTA) provisioning