Card Production Security Assessor (CPSA) Qualification

Exam Version: Demo [Total Questions: 10]

Web: www.certsout.com

Email: support@certsout.com

PCI SSC CPSA



We have developed quality products and state-of-the-art service to serve our customers' interests. If you have any suggestions, please feel free to contact us at feedback@certsout.com


If you have any questions about our product, please provide the following items:

exam code

screenshot of the question

login id/email

please contact us at and our technical experts will provide support within 24 hours.



The product of each order has its own encryption code, so you should use it independently. Any unauthorized changes will inflict legal punishment. We reserve the right of final explanation for this statement.

Question #:1

A vendor puts cardholder information into a chip by sliding a payment card through a machine that programs it and verifies the data. The chip can make contactless transactions. Which of the following best describes the vendor’s activity?

Card personalization

Host Card Emulation (HCE) provisioning

Secure Element (SE) provisioning


Answer: C

Question #:2

You wish to check that you are using the most current version of the Card Production requirements. What should you do?

A. Have the CPSA Company’s point of contact request the document

B. Download it from PCI SSC’s Document Library

C. Email a request for the document to PCI SSC

D. View it directly via PCI SSC Assessor Portal

Answer: B

Question #:3

To liberate a person detected inside of the inner shipping delivery room and stop the alarm, the software monitoring the access-control system must only allow the opening of which door?

A. The external facing door

B. The internal facing door

C. The last activated door

D. The least secure door

Answer: B

Question #:4

In which of the following locations must the CCTV and access control servers be located?

PCI SSC - CPSA Certs Exam - Pass with Valid Exam Questions Pool

A. Within the Security Control Room (SCR)

B. Within a room in the HSA with security controls equivalent to the SCR applied

C. Within the SCR or a room with equivalent security

D. Within the secure server room inside of the HSA

Answer: C

Question #:5

Which of the following must every assessor do to maintain their CPSA certification?

A. Complete annual requalification training or complete 3 assessments for different facilities each year

B. Earn and document at least 20 hours of Continuing Professional Education (CPE) over 3 years

C. Earn an additional professional certification from List A or B of the Qualification Requirements (QRs)

D. Submit evidence of internal training in a relevant area (as per the QRs)

Answer: B

Question #:6

In relation to guards, which of the following must the vendor ensure?

A. A clear segregation of duties is maintained between production staff and guards

B. A clear segregation of duties is maintained between guard and reception related job functions

C. There is always at least one guard on-site, including outside of working hours, to monitor security systems and premises

D. There is always at least one guard in the HSA and one guard in the security control room at all times

Answer: C

Question #:7

Which of the following personnel changes must result in the vendor notifying the Vendor Program Administration (VPA)?

A. Adding additional rights to someone’s role to give them access to the main production vault

B. Any change to a role that directly affects the security of card products and related components

C. Hiring someone that will directly interact with the card issuers

D. Promoting someone to senior management level

Answer: B

Question #:8

A vendor is unsure which forms are needed to complete an assessment. Who should they ask?


Issuing banks

Payment brands


Answer: D

Question #:9

Which of the following best describes a Technical FAQ?

A. Technical FAQs only apply to the specific technology as the FAQ defines it

B. Technical FAQs can be submitted to PCI SSC at any time

C. Use of the Technical FAQs is mandatory, they shall be used during an assessment

D. Use of the Technical FAQs is optional, they are considered guidance

Answer: D

Question #:10

A vendor discovers that a recent shipment of cards is missing a set. Which of the following responses would you expect in a compliant organization?

A. An immediate call is made to the issuer and the VPA who, between them, contact law enforcement and put together a joint statement

B. The head of security initiates a meeting, and once the VPA approves the messaging, law enforcement is notified in two days

C. A report is requested by the issuer, the vendor sends it to them, and the issuer handles the incident with the local police

D. After an incident review, the VPA, issuer and law enforcement are all notified within 24 hours

Answer: D


About certsout.com

certsout.com was founded in 2007. We provide the latest high-quality IT / Business Certification Training Exam Questions, Study Guides and Practice Tests.

We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.

We prepare state-of-the-art practice tests for certification exams. You can reach us at any of the email addresses listed below.

Sales: sales@certsout.com

Feedback: feedback@certsout.com

Support: support@certsout.com

If you have any problems with IT certification or our products, you can write to us and we will get back to you within 24 hours.
