Card Production Security AssessorCPSA Physical NewExam (CPSA_P_New) Free Practice Test

Question 1

For how long must a vendor retain all applicant and employee background information on file?

A. For at least 18 months after termination of the contract of employment

B. For at least 12 months after termination of the contract of employment

C. For at least 24 months after termination of the contract of employment

D. It is not a requirement to store this information beyond termination of the contract

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 2

During an assessment you ask to see employee records for employees with access to the HSA. The records include information about the screening process, including background information from the employee application process. The oldest background Information that is available is for an employee that left the vendor (terminated their contract) one year previously. You note this as non-compliant, why?

A. Employee information, including background checks, must be stored for at least seven years

B. The vendor must only retain background information for all current employees, not for those that have been terminated

C. The vendor must retain the background information for at least 18 months after termination of contract

D. Employee information must be securely destroyed (e.g. securely wiped) within 2 years (after termination of contract)

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 3

If you have a query about a missing field in the card production reporting template, which organization is best-placed to answer it?

A. PCI SSC

B. The issuer

C. The vendor

D. The payment brands

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 4

You wish to check that you are using the most current version of the Card Production requirements. What should you do?

A. Download it from PCI SSC's Document Library

B. Email a request for the document to PCI SSC

C. View it directly via PCI SSC Assessor Portal

D. Have the CPSA Company's point of contact request the document

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 5

A vendor is unsure which forms are needed to complete an assessment. Who should they ask?

A. Issuing banks

B. PCI SSC

C. Payment brands

D. Assessor

Correct Answer: D

Question 6

Which of the follow best describes a Technical FAQ?

A. Technical FAQs only apply to the specific technology as the FAQ defines it

B. Use of the Technical FAQs is optional, they are considered guidance

C. Technical FAQs can be submitted to PCI SSC at any time

D. Use of the Technical FAQs is mandatory, they shall be used during an assessment

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Welcome to TestSimulate

PCI Card Production Security AssessorCPSA Physical NewExam (CPSA_P_New) Free Practice Test