Have PCIP: Do I Have to Pass Fundamentals Again for QSA
If you are reading this post, you are either considering taking the PCI-ISA Exam, or are already on your way studying. Unlike other IT exams, this one does not come with much supplemental study material. When I searched online, I found next to nothing on the topic, and no major training organization offers practice exams or study tips, how un-IT. The recommendations I make are for those that chose the online option as I did.
How should I study?
Let's start with the obvious. The Fundamentals Course, fundamentals exam, and the online course are your best and only study materials to pass the PCI-ISA Exam. To prepare, I took notes on each slide and wrote verbatim the content of each slide into a document. As someone who has not led a PCI audit, I needed to do this as each slide was essentially new information. If you have experience with PCI Audit, you may not need to go to such lengths to prepare. I also made flashcards to memorize the basics, i.e. Acquirers, issuers, SAQ types, PCI PA-DSS etc.
I think what also helped a lot was the fact that I was reviewing and preparing for this year's audit by looking at our company's previous year's audit. In going line by line and reviewing all the information, I think I learned more about PCI-ISA exam study topics this way than studying from the online class. Go figure, doing something in practice is the best method to commit things to memory. I was about 70 pages through the 200 page ROC template which really solidified my knowledge of Requirements 1 - 4. In total I would say I put 30-40 hours into the experience over a 3 week period.
What's the Test like?
The PCI-ISA exam is 75 questions over 90 minutes and conducted at a Pearson VUE exam facility. Bring your own earplugs because the facility is hit or miss and the one I was at must have been next to a frat house because loud EDM music was playing the entire time. A tip I learned studying for the GMATs: write down the number and the answer choices (a,b,c,d) for each question and cross out answers you know to be false, and underline ones that you think have a chance of being true. When you flag questions for review, you can go back and concentrate on picking between 2 options, vs all 4, which helps to save time. Over the 90 minutes allotted, I finished in 60 minutes. My first run took 45 minutes and I had 30 questions flagged for review that took 15 minutes to clean up.
What's on the Exam?
Thankfully, the PCI-ISA Exam is not a test that asks, what is requirement 8.3.2, pick from these choices. It's more a test that asks, according to requirement 8.3.2 how many times can a user enter their password incorrectly before locking out the account. The difference is that you are being tested on the content, and the requirement numbers are just there as reference. To those of you who think you need to know all these requirement numbers by heart, you do not, but you do need to know what all the requirements are to some degree. As you have likely read before, 75% is the passing threshold and you get a pass/fail and that is it. You receive instant results once you complete the exam and receive a printout as proof. Actual certificate will be mailed to you in 2 weeks time.
Off the top of my head, here are a few things I remember being tested on the PCI-ISA Exam.
- DESV
- Track 1 vs 2 data
- Encryption (Key Encrypting Keys and Data Encrypting Keys)
- Key Custodians
- Account Lockout times
- Data Retention of Card Holder Data on Backup Media
- Physical Security, Video Security retention period
- Authorization/Clearing/Settlement
- Secure Coding standards
- Sampling
Reference Links
PCIP-Report - A blog I found from 2013 talking about the PCIP Exam, which is very similar
ISA Fundamentals Questions (Screenshots) - Halfway through my fundamentals exam, I figured it would be good to screencap the questions for review later. You can use these to review and familiarize with the question format as they are similar to the real exam. Important: Some of the answers I selected are incorrect. Purpose of these shots are to show you the questions, not provide you the correct answers.
PCI ISA Exam In Person Comments - Not the best review but something to read. Like I said, PCI ISA is not a well covered topic like a CISSP or Security+ exam.
PCI DSS Report on Compliance Template - If you have never seen this, you probably should print it out to understand the amount of material that will need to be covered.
In Summary
I would say about 30-40% of the PCI-ISA exam are more general security questions and are pretty common sense. A lot of times even when I did not know something at all, two of the choices would be obviously wrong and I could guess and get a 50% chance of getting it right. The exam is also somewhat poorly written and did not always make sense grammatically. It does not however affect your ability to answer correctly.
As someone who previously took the CISSP, I can say this is about 35% the effort and difficulty. This is a much narrower focus in terms of topics discussed and there are no scenario based questions you really need to analyze the way the CISSP requires.
Good luck to those of you studying. If you have additional questions please comment below and I will do my best to answer them.
-Phillip Chang
Source: https://www.linkedin.com/pulse/study-pci-isa-exam-pass-phillip-chang-cissp