CISSP Question of the Day – 7-1-2016

Getting You Prepped for the CISSP Exam... One Question at a Time!

Today’s CISSP question topic: PCI DSS

PCI DSS is a mandated information security standard that applies to organizations that accept credit cards (Visa, MasterCard, Discover, etc.). The primary objectives of the standard are to protect credit card information and reduce fraud. The security requirements for compliance with PCI DSS allow merchants to store and retain only certain types of cardholder information. Of the items listed below, which ARE ALLOWED to be stored by a merchant? (Choose 3)

  1. Cardholder’s PIN Number
  2. Cardholder’s Account Number in plain-text
  3. Card Expiration Date
  4. Full Magnetic Strip Data
  5. CAV2/CVC2/CVV2/CID
  6. Cardholder’s Name
  7. Cardholder’s Account Number in an unreadable (i.e. encrypted/truncated) format



Check Your Answer


  1. Card Expiration Date
  2. Cardholder’s Name
  3. Cardholder’s Account Number in an unreadable (i.e. encrypted/truncated) format

Supporting Links:

  1. https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf
  2. https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard


About the Author

Colin Weaver

Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes.