The only place I could really determine the scope/objectives of the exam were extracted from a PCIP training course description.
They include:
1. Principles of PCI DSS, PA-DSS, PTS, P2PE, and PIN Security
2. Understanding PCI DSS v2.0 requirements and intent (two documents below)
Payment Card Industry (PCI) Data Security Standard
Navigating PCI Requirements
3. Overview of basic payment industry terminology
How Credit Card Payments Work - authorize.net video
PCI Security Standards Glossary
4. Appropriate uses of compensating controls
Refer to Appendices B & C in the following document:
Payment Card Industry (PCI) Data Security Standard
5. How and when to use Self-Assessment Questionnaires (SAQs)
SAQ Info
6. Recognizing how new technologies affect the PCI (P2PE, tokenization, mobile, cloud)
Note: at the seminar I attended we were informed that guidlines and supplemental documents
were not included in the exam.
Point to Point Encryption (P2PE) FAQ's
https://www.pcisecuritystandards.org/documents/Tokenization_Guidelines_Info_Supplement.pdf PCI DSS Cloud Computing Guid e lines
7. PCI Code of Professional Responsibility
Link to Code of Professional Responsibility
8. Case study application
Did you ever write the exam, what was the outcome ?
ReplyDeleteNo, not yet. I need to finish my application still.
ReplyDeleteI am writing it on the 18th. I haven't taken the course. Any advice?
ReplyDeleteWell first of all good luck!
ReplyDeleteSince I haven't sat for this particular exam I can't make any specific suggestions.
However, a few things that I've done in the past for other exams ...
PRIOR TO EXAM DATE
- Establish a schedule for your study time in the final week. Spend a good portion on known weak areas.
- A few days before the exam, I'll drive to the location to make sure that there isn't any construction and to make 100% sure that I know how to get there
- I usually take the day before off for one final heavy study day and spend about 6-8 hours reviewing material
EXAM DAY
- The day of the exam, go through your normal process, that is, wake up at the same time, eat/don't eat breakfast as you usually do, etc.
- Do light studying in the hours leading up to the exam time, but take the last 1-2 hours to relax and keep your mind clear before walking in.
- Consider bringing ear plugs. Bring 2 picture ID cards. Don't forget pencils, eyeglasses, etc
EXAM START
- When the exam starts, do a "brain dump" on memorized information, writing it down on a sheet of paper for reference, that is assuming they let you have a blank sheet of paper.
- Read the questions carefully. This always costs me a few points as I try to answer too quickly.
- Do a couple passes on the exam. Answer the obvious questions on the first pass and come back for the ones that need a bit more thought. Sometimes re-reading the question makes the answer more obvious.
- On the final pass, try to eliminate obviously wrong answers to increase your odds. Select the best answer based on what the PCI council wants to hear, not what your experience tells you.
- If time remains, review your answers. However, a common idea is that you typically make the most accurate answer on your first pass. So don't "over analyze" your answers.
- In the final pass, make sure that you've answered every question.
Best of luck to you! Please let me know how you do.
ISO 27001 Compliant Companies In India
ReplyDeleteManaged Security Services
ISO 27001 Certification