Do not store PIN or encrypted PIN block after auth. Which option best reflects this?


Multiple Choice

Do not store PIN or encrypted PIN block after auth. Which option best reflects this?

Explanation:
The key idea is that sensitive authentication data must not be retained after a successful authorization. PINs and encrypted PIN blocks are considered sensitive authentication data, and PCI DSS requires they be destroyed and not stored once authentication is complete. So the option that directly matches this rule—referring to the PIN or encrypted PIN block—is the best choice. Other data like PAN, CVV, or cardholder name have different handling rules, but the instruction here specifically targets the PIN data.

