Question

a service technician for your location’s revenue control equipment states that it is necessary to gather the information stored in the machine to email back to the home office to have the other service technicians review it. you should: offer to email the information to the equipment vendor. allow the technician to do whatever they need to do. copy the data onto a portable flash drive and give to the technician. ensure the equipment vendor complies with all metropolis, pci dss, and facta regulations for storing cardholder data.

Explanation:

This question relates to handling cardholder data (from revenue control equipment, likely involving payment systems). PCI DSS (Payment Card Industry Data Security Standard), FACTA (Fair and Accurate Credit Transactions Act), and Metropolis (possibly a local regulation) are relevant for data security. When dealing with such data, ensuring the vendor complies with these regulations for storage is crucial. The other options: offering to email (no check on compliance), allowing technician free rein (no security check), or copying to flash drive (risky for data security) are less secure. So the correct approach is to ensure vendor compliance with regulations.

Answer:

D. Ensure the equipment vendor complies with all Metropolis, PCI DSS, and FACTA regulations for storing cardholder data.