Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

CPSA_P_New Card Production Security AssessorCPSA Physical NewExam Questions and Answers

Questions 4

Which of the follow best describes a Technical FAQ?

Options:

A.

Technical FAQs only apply to the specific technology as the FAQ defines it

B.

Technical FAQs can be submitted to PCI SSC at any time

C.

Use of the Technical FAQs is mandatory, they shall be used during an assessment

D.

Use of the Technical FAQs is optional, they are considered guidance

Buy Now
Questions 5

Who is required to approve visitor entry to the HSA or cloud-based provisioning environment?

Options:

A.

The head of the vendor facility

B.

The Security Manager

C.

Both the Security Manager and the Production Manager

D.

The Security Manager, Production Manager, and the head of the vendor facility

Buy Now
Questions 6

Where can misprinted, partially finished cards be shredded?

Options:

A.

In any HSA room approved by the security manager

B.

Either in the HSA printing room or destruction room

C.

Only in the HSA destruction room

D.

Either in the HSA destruction room or a loading bay that meets all requirements of a destruction room

Buy Now
Questions 7

Which document describes the results of an assessment, and is signed by both the assessor and the vendor executive officer?

Options:

A.

Security Assessment Questionnaire (SAQ)

B.

Attestation of Compliance (AOC)

C.

Report on Compliance (ROC)

D.

Letter of Approval (LOA)

Buy Now
Questions 8

During an assessment you do a walk-through of bringing card products into the HSA using the goods-tools trap. You act as production staff, using an empty cardboard box as the card products. During the process, the guard escorts you, along with the box, into the pre-press room. What is your conclusion?

Options:

A.

Compliant, because the guard escorted you

B.

Compliant, because the guard ensured that the card product remained under dual control

C.

Not compliant, because an inventory of the card product did not take place prior to entry

D.

Not compliant, because the guard escorted you

Buy Now
Questions 9

A cardholder wants to make purchases using their phone, so they have their cardholder information programmed into their SIM card using their mobile phone provider. Which of the following best describes this system?

Options:

A.

Card personalization

B.

Host Card Emulation (HCE) provisioning

C.

Secure Element (SE) provisioning

D.

Over-the-air (OTA) provisioning

Buy Now
Questions 10

Which of the following statements is true about the facility’s non-emergency exits?

Options:

A.

They must be contact-alarm monitored only when card production activities are taking place

B.

They must be configured to prevent staff tailgating

C.

They may be left unlocked when a guard is present

D.

They must be fitted with biometric access-control devices

Buy Now
Questions 11

A vendor receives cardholder information and keys from a bank. The vendor then performs the following:

* Uses its HSM to create keys

* Creates cardholder information specific to each cardholder, including name and PAN

* Formats the data for the hardware that will put it on a card

* Writes it to an encrypted file

Which of the following best describes this process?

Options:

A.

Data creation

B.

Data preparation

C.

Manufacture

D.

Pre-personalization

Buy Now
Questions 12

Which of the following must every assessor do to maintain their CPSA certification?

Options:

A.

Complete annual requalification training or complete 3 assessments for different facilities each year

B.

Earn and document at least 20 hours of Continuing Professional Education (CPE) over 3 years

C.

Earn an additional professional certification from List A or B of the Qualification Requirements (QRs)

D.

Submit evidence of internal training in a relevant area (as per the QRs)

Buy Now
Questions 13

A vendor uses codes from a chip manufacturer to ‘unlock’ chips and prepare them for use by adding applications and keys. Which of the following best describes this process?

Options:

A.

Data creation

B.

Data preparation

C.

Manufacture

D.

Pre-personalization

Buy Now
Questions 14

A vendor has a list of pre-approved third parties which may be granted access to the facility. Under what circumstances can other third-parties be granted access?

Options:

A.

None, only people on the pre-approved list may enter

B.

When they are approved by the physical security manager or senior management

C.

When the third party s liability insurance covers the risk

D.

When no card production activities are taking place

Buy Now
Questions 15

How frequently must alarms on external doors of a card production and provisioning vendor environment be tested?

Options:

A.

Every day

B.

Every week

C.

Every month

D.

Every 3 months

Buy Now
Exam Code: CPSA_P_New
Exam Name: Card Production Security AssessorCPSA Physical NewExam
Last Update: Nov 30, 2024
Questions: 50

PDF + Testing Engine

$57.75  $164.99

Testing Engine

$43.75  $124.99
buy now CPSA_P_New testing engine

PDF (Q&A)

$36.75  $104.99
buy now CPSA_P_New pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 04 Dec 2024