PCI DSS Requirements Practice Test

In the context of rendering cardholder data unreadable, hashing should be applied to which data?

The last four digits of the PAN

The cardholder's name

The entire PAN

When you want to render cardholder data unreadable, the focus is on protecting the primary account number (PAN) wherever it is stored. Hashing the entire PAN turns it into a one-way digest, so the original number can’t be recovered. If you only hash the last four digits, the majority of the PAN would still be stored in readable form, so the data isn’t truly unreadable. The cardholder’s name isn’t the sensitive value that defines the card account, and the PIN is handled in a different, highly protected way during authorization. So hashing the entire PAN is the correct approach to ensure the data is unreadable.

The PIN
