PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum

		PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum
Search Forums

Search Forums

Search by Keyword

Keyword(s):

Search by User Name

User Name:
	Exact name

Search Options

Find Threads with

Replies

Find Posts from

Sort Results by

Show Results as

Threads Posts

Search by Tag

Tag:

Search in Forum(s)

Also search in child forums

These are the 17 most-searched-for thread tags

Search Tag Cloud

business intelligence uk configuration cryptographic key changes dmz fbi firewall network diagram pa-dss ports re-key rekey router services stolen credit card strong authentication training visa

All times are GMT -4. The time now is 07:06 PM.

Search All Open Forums
Search Subscribed Forums
News And Announcements
Payment Card Industry News And Announcements
Payment Card Industry Security Incidents
Payment Card Industry Data Security Standard Frequently Asked Questions (PCI DSS FAQ)
Build and Maintain a Secure Network
[PCI-DSS] Requirement 1: Install and maintain a firewall configuration to protect cardholder data
[PCI-DSS] Requirement 2: Do not use vendor-supplied defaults for system passwords and other security
Protect Cardholder Data
[PCI-DSS] Requirement 3: Protect stored cardholder data
[PCI-DSS] Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
[PCI-DSS] Requirement 5: Use and regularly update anti-virus software
[PCI-DSS] Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
[PCI-DSS] Requirement 7: Restrict access to cardholder data by business need-to-know
[PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access
[PCI-DSS] Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
[PCI-DSS] Requirement 10: Track and monitor all access to network resources and cardholder data
[PCI-DSS] Requirement 11: Regularly test security systems and processes.
Maintain an Information Security Policy
[PCI-DSS] Requirement 12: Maintain a policy that addresses information security
Appendix A: PCI DSS Applicability for Hosting Providers
Requirement A.1: Hosting providers protect cardholder data environment
PA-DSS - Payment Application Data Security Standards
[PA-DSS] 1. Do not retain full magnetic stripe, card validation code or value (CAV2, CID, CVC2, CVV
[PA-DSS] 2. Protect stored cardholder data
[PA-DSS] 3. Provide secure authentication features
[PA-DSS] 4. Log payment application activity
[PA-DSS] 5. Develop secure payment applications
[PA-DSS] 6. Protect wireless transmissions
[PA-DSS] 7. Test payment applications to address vulnerabilities
[PA-DSS] 8. Facilitate secure network implementation
[PA-DSS] 9. Cardholder data must never be stored on a server connected to the Internet
[PA-DSS] 10. Facilitate secure remote software updates
[PA-DSS] 11. Facilitate secure remote access to payment application
[PA-DSS] 12. Encrypt sensitive traffic over public networks
[PA-DSS] 13. Encrypt all non-console administrative access
[PA-DSS] 14. Maintain instructional documentation and training programs for customers, resellers, an
Test and Practice forum
Test Forum
Comments