nerdexam
Cisco

210-255 · Question #10

Which data element must be protected with regards to PCI?

The correct answer is C. full name. PCI DSS explicitly lists cardholder name (full name) as a protected cardholder data element that must be secured.

Security Policies and Procedures

Question

Which data element must be protected with regards to PCI?

Options

  • Apast health condition
  • Bgeographic location
  • Cfull name
  • Drecent payment amount

How the community answered

(25 responses)
  • A
    8% (2)
  • B
    4% (1)
  • C
    88% (22)

Why each option

PCI DSS explicitly lists cardholder name (full name) as a protected cardholder data element that must be secured.

Apast health condition

Past health condition is Protected Health Information (PHI) regulated under HIPAA, not a PCI DSS cardholder data element.

Bgeographic location

Geographic location is primarily addressed by privacy regulations such as GDPR and is not a core PCI DSS-protected data element.

Cfull nameCorrect

PCI DSS defines cardholder data to include the Primary Account Number (PAN), cardholder name, expiration date, and service code. Full name (cardholder name) is one of these explicitly enumerated data elements subject to PCI DSS protection requirements when stored, processed, or transmitted. This distinguishes PCI scope from other regulatory frameworks such as HIPAA or GDPR.

Drecent payment amount

Payment amounts are part of transaction records but are not among the specifically enumerated cardholder data elements that PCI DSS mandates protection for.

Concept tested: PCI DSS cardholder data protection requirements

Source: https://www.pcisecuritystandards.org/document_library/

Topics

#PCI DSS#cardholder data#data protection#compliance

Community Discussion

No community discussion yet for this question.

Full 210-255 Practice