
PCI SSC CPSA Card Production Security Assessor (CPSA) Qualification Exam Practice Test

Demo: 7 questions
Total 50 questions

Card Production Security Assessor (CPSA) Qualification Exam Questions and Answers

Question 1

For how long must a vendor retain all applicant and employee background information on file?

Options:

A. For at least 12 months after termination of the contract of employment

B. For at least 18 months after termination of the contract of employment

C. For at least 24 months after termination of the contract of employment

D. It is not a requirement to store this information beyond termination of the contract

Question 2

Which document describes the results of an assessment, and is signed by both the assessor and the vendor executive officer?

Options:

A. Security Assessment Questionnaire (SAQ)

B. Attestation of Compliance (AOC)

C. Report on Compliance (ROC)

D. Letter of Approval (LOA)

Question 3

Which of the following principles must be enforced by the HSA Access Control system?

Options:

A. Dual control

B. Dual presence

C. Dual control and dual presence

D. Dual guard entry when required

Question 4

Which of the following security awareness measures is required for compliance?

Options:

A. Annual training on common attack methods

B. Annual training on use of mantraps

C. Security awareness exams for all personnel

D. Security posters must be placed in the facility

Question 5

For each requirement listed in a ROC, which types of findings must have a full narrative response?

Options:

A. All types of findings

B. Non-compliant findings only

C. New or Closed findings only

D. All types except Not Applicable findings

Question 6

After reviewing their completed ROC and AOC, which state that they are compliant, the vendor wishes to be listed on PCI SSC’s list of Compliant Card Vendors. How should you assist them with the listing process?

Options:

A. Submit the full ROC to PCI SSC

B. Submit only the AOC to PCI SSC

C. Inform the vendor that PCI SSC does not list compliant vendors

D. Inform the vendor that they must request a listing via the payment brand(s) that received their ROC

Question 7

Who is required to approve visitor entry to the HSA or cloud-based provisioning environment?

Options:

A. The head of the vendor facility

B. The Security Manager

C. Both the Security Manager and the Production Manager

D. The Security Manager, Production Manager, and the head of the vendor facility
