PCI-DSS ISA Exam Questions and Answers
100% PASS
Perimeter firewalls installed ______________________________.—ANSWER--between all
wireless networks and the CHD environment.
Where should firewalls be installed?—ANSWER--At each Internet connection and
between any DMZ and the internal network.
Review of firewall and router rule sets at least every __________________.—ANSWER--6
months
If disk encryption is used—ANSWER--logical access must be managed separately and
independently of native operating system authentication and access control
mechanisms
Manual clear-text key-management procedures specify processes for the use of the
following:—ANSWER--Split knowledge AND Dual control of keys
What is considered "Sensitive Authentication Data"?—ANSWER--Card verification value
When a PAN is displayed to an employee who does NOT need to see the full PAN, the
minimum digits to be masked are: All digits between the ___________ and the
__________.—ANSWER--first 6; last 4
, Regarding protection of PAN...—ANSWER--PAN must be rendered unreadable during
the transmission over public and wireless networks.
Under requirement 3.4, what method must be used to render the PAN unreadable?—
ANSWER--Hashing the entire PAN using strong cryptography
Weak security controls that should NOT be used—ANSWER--WEP, SSL, and TLS 1.0 or
earlier
Per requirement 5, anti-virus technology must be deployed_________________—
ANSWER--on all system components commonly affected by malicious software.
Key functions for anti-vius program per Requirement 5:—ANSWER--1) Detect
2) Remove
3) Protect
Anti-virus solutions may be temporarily disabled only if—ANSWER--there is legitimate
technical need, as authorized by management on a case-by-case basis
When to install "critical" applicable vendor-supplied security patches? ---> within
_________ of release.—ANSWER--1 month
When to install applicable vendor-supplied security patches?—ANSWER--within an
appropriate time frame (for example, within three months).
When assessing requirement 6.5, testing to verify secure coding techniques are in place
to address common coding vulnerabilities includes:—ANSWER--Reviewing software
development policies and procedures
© 2026 Copyright. All Rights Reserved. This document is
protected by copyright law, Copyrighted By Brittie Donald
100% PASS
Perimeter firewalls installed ______________________________.—ANSWER--between all
wireless networks and the CHD environment.
Where should firewalls be installed?—ANSWER--At each Internet connection and
between any DMZ and the internal network.
Review of firewall and router rule sets at least every __________________.—ANSWER--6
months
If disk encryption is used—ANSWER--logical access must be managed separately and
independently of native operating system authentication and access control
mechanisms
Manual clear-text key-management procedures specify processes for the use of the
following:—ANSWER--Split knowledge AND Dual control of keys
What is considered "Sensitive Authentication Data"?—ANSWER--Card verification value
When a PAN is displayed to an employee who does NOT need to see the full PAN, the
minimum digits to be masked are: All digits between the ___________ and the
__________.—ANSWER--first 6; last 4
, Regarding protection of PAN...—ANSWER--PAN must be rendered unreadable during
the transmission over public and wireless networks.
Under requirement 3.4, what method must be used to render the PAN unreadable?—
ANSWER--Hashing the entire PAN using strong cryptography
Weak security controls that should NOT be used—ANSWER--WEP, SSL, and TLS 1.0 or
earlier
Per requirement 5, anti-virus technology must be deployed_________________—
ANSWER--on all system components commonly affected by malicious software.
Key functions for anti-vius program per Requirement 5:—ANSWER--1) Detect
2) Remove
3) Protect
Anti-virus solutions may be temporarily disabled only if—ANSWER--there is legitimate
technical need, as authorized by management on a case-by-case basis
When to install "critical" applicable vendor-supplied security patches? ---> within
_________ of release.—ANSWER--1 month
When to install applicable vendor-supplied security patches?—ANSWER--within an
appropriate time frame (for example, within three months).
When assessing requirement 6.5, testing to verify secure coding techniques are in place
to address common coding vulnerabilities includes:—ANSWER--Reviewing software
development policies and procedures
© 2026 Copyright. All Rights Reserved. This document is
protected by copyright law, Copyrighted By Brittie Donald
