Definitions Flashcards

1
Q

Acronym for “authentication, authorization and accounting.” Protocol for authenticating a user based on their verifiable identity, authorizing a user based on their user rights, and accounting for a user’s consumption of network resources.

A

AAA

2
Q

Mechanisms that limit availability of information or information-processing resources only to authorized persons or applications.

A

Access Control

3
Q

Account data consists of cardholder data and/or sensitive authentication data. See Cardholder Data and Sensitive Authentication Data.

A

Account Data

4
Q

Primary Account Number

A

Account Number

5
Q

Also referred to as “merchant bank,” “acquiring bank,” or “acquiring financial institution.” Entity that processes payment card transactions for merchants and is defined by a payment brand as an acquirer. Acquirers are subject to payment brand rules and procedures regarding merchant compliance.

A

Acquirer

6
Q

Elevated or increased privileges granted to an account in order for that account to manage systems, networks and/or applications.

A

Administrative Access

7
Q

Type of malicious software that, when installed, forces a computer to automatically display or download advertisements.

A

Adware

8
Q

Abbreviation for “Advanced Encryption Standard.” Block cipher used in symmetric key cryptography adopted by NIST in November 2001 as U.S. FIPS PUB 197 (or “FIPS 197”).

A

AES

9
Q

Acronym for “American National Standards Institute.” Private, non-profit organization that administers and coordinates the U.S. voluntary standardization and conformity assessment system.

A

ANSI

10
Q

Program or software capable of detecting, removing, and protecting against various forms of malicious software (also called “malware”) including viruses, worms, Trojans or Trojan horses, spyware, adware, and rootkits.

A

Anti-Virus

11
Q

Acronym for “attestation of compliance.” The AOC is a form for merchants and service providers to attest to the results of a PCI DSS assessment, as documented in the Self-Assessment Questionnaire or Report on Compliance.

A

AOC

12
Q

Acronym for “attestation of validation.” The AOV is a form for PA-QSAs to attest to the results of a PA-DSS assessment, as documented in the PA-DSS Report on Validation.

A

AOV

13
Q

Includes all purchased and custom software programs or groups of programs, including both internal and external (for example, web) applications.

A

Application

14
Q

Acronym for “Approved Scanning Vendor.” Company approved by the PCI SSC to conduct external vulnerability scanning services.

A

ASV

15
Q

Also referred to as “audit trail.” Chronological record of system activities. Provides an independently verifiable trail sufficient to permit reconstruction, review, and examination of sequence of environments and activities surrounding or leading to operation, procedure, or event in a transaction from inception to final results.

A

Audit Log

16
Q

Also referred to as Audit Log.

A

Audit Trail

17
Q

Process of verifying identity of an individual, device, or process. Authentication typically occurs through the use of one or more authentication factors such as:
Something you know, such as a password or passphrase
Something you have, such as a token device or smart card
Something you are, such as a biometric

A

Authentication

18
Q

Combination of the user ID or account ID plus the authentication factor(s) used to authenticate an individual, device, or process.

A

Authentication Credentials

19
Q

In the context of access control, authorization is the granting of access or other rights to a user, program, or process. Authorization defines what an individual or program can do after successful authentication.

In the context of a payment card transaction, authorization occurs when a merchant receives transaction approval after the acquirer validates the transaction with the issuer/processor.

A

Authorization

20
Q

Duplicate copy of data made for archiving purposes or for protecting against damage or loss.

A

Backup

21
Q

An acronym for “business as usual.” BAU is an organization’s normal daily business operations.

A

BAU

22
Q

Wireless protocol using short-range communications technology to facilitate transmission of data over short distances.

A

Bluetooth

23
Q

Vulnerability that is created from insecure coding methods, where a program overruns the buffer’s boundary and writes data to adjacent memory space. Buffer overflows are used by attackers to gain unauthorized access to systems or data.

A

Buffer Overflow

24
Q

A physical device, often attached to a legitimate card reading device, designed to illegitimately capture and/or store the information from a payment card.

A

Card Skimmer