What are two examples of sensitive authentication data associated with a payment card that requires compliance with the Payment Card Industry Data Security Standard (PCI DSS)? (Choose two.)
- expiration date
- cardholder name
- CAV2/CVC2/CVV2/CID
- primary account number
- full magnetic strip data or equivalent data on a chip
Explanation: The payment card account data consists of cardholder data and sensitive authentication data. Cardholder data includes the primary account number, cardholder name, expiration date, and service code. Sensitive authentication data includes a full magnetic strip or equivalent data on a chip, CAV2/CVC2/CVV2/CID code, and PINs/PIB blocks.
Exam with this question: 2.4.3 Quiz - Planning and Scoping a Penetration Testing Assessment Answers
Please login or Register to submit your answer