In the context of rendering cardholder data unreadable, hashing should be applied to which data?


Multiple Choice

In the context of rendering cardholder data unreadable, hashing should be applied to which data?

Explanation:
When you want to render cardholder data unreadable, the focus is on protecting the primary account number (PAN) wherever it is stored. Hashing the entire PAN turns it into a one-way digest, so the original number can’t be recovered. If you only hash the last four digits, the majority of the PAN would still be stored in readable form, so the data isn’t truly unreadable. The cardholder’s name isn’t the sensitive value that defines the card account, and the PIN is handled in a different, highly protected way during authorization. So hashing the entire PAN is the correct approach to ensure the data is unreadable.

