PCI-ISA Exam

Last year (July 2014) I took the PCI Professional online course and passed the exam at a Pearson VUE testing center in Mt. Laurel, NJ.  This year I had to take the PCI-Internal Security Assessor course because it became a requirement at my place of employment.  This past Friday I passed the exam at Pearson VUE so I am now a certified PCI-ISA, and I still hold my PCI Professional title as well.  The PCI-ISA certification lasts only one year, so I'll have to re-certify each year, but the PCI-P certification lasts three years.

I felt that these two tests had a lot of overlap, so if you already have the PCI-P certification I would highly recommend going for the PCI-ISA certification if your company is a PCI participating organization and will sponsor you.  The PCI-ISA certification is only valid as long as you work for the sponsoring company.  So if I quit tomorrow or get laid off, I lose the PCI-ISA cert.

If you are taking the PCI-ISA course now and are getting ready to take the exam, I would recommend studying all of the PCI requirements and making yourself very familiar with certain specifics (be aware of things like keeping online logs for 3 months, but keeping additional logs retrievable for 1 year; passwords should be a minimum length of 7 characters and set to expire every 90 days; employees should acknowledge reading the information security policy annually; etc.).  There were quite a few questions on my exam about encryption key management, too.

All questions were multiple choice, with only one correct answer.  No question asked me to choose more than one answer.  There were a handful of True/False questions, but not too many.  I had 90 minutes to complete 75 questions, but I was able to flag any question that I wanted to come back to at the end (whether I selected an answer or not).  I had about 50 minutes left on the clock when I ended the exam, so I had used a little more than half the time.  But I had studied as much as I possibly could have prior to taking the exam.  Despite this, I still flagged about 6 questions early on that I just did not recall studying.  When I went back to them at the end I didn't change my initial answers so I felt pretty good about them.  Of course, you won't find out which questions you got wrong (if any); you just find out whether you passed or failed.

Good luck!
