PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum
News And Announcements
Payment Card Industry News And Announcements
Payment Card Industry Security Incidents
Payment Card Industry Data Security Standard Frequently Asked Questions (PCI DSS FAQ)
Build and Maintain a Secure Network
[PCI-DSS] Requirement 1: Install and maintain a firewall configuration to protect cardholder data
[PCI-DSS] Requirement 2: Do not use vendor-supplied defaults for system passwords and other security
Protect Cardholder Data
[PCI-DSS] Requirement 3: Protect stored cardholder data
[PCI-DSS] Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
[PCI-DSS] Requirement 5: Use and regularly update anti-virus software
[PCI-DSS] Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
[PCI-DSS] Requirement 7: Restrict access to cardholder data by business need-to-know
[PCI-DSS] Requirement 8: Assign a unique ID to each person with computer access
[PCI-DSS] Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
[PCI-DSS] Requirement 10: Track and monitor all access to network resources and cardholder data
[PCI-DSS] Requirement 11: Regularly test security systems and processes.
Maintain an Information Security Policy
[PCI-DSS] Requirement 12: Maintain a policy that addresses information security
Appendix A: PCI DSS Applicability for Hosting Providers
Requirement A.1: Hosting providers protect cardholder data environment
PA-DSS - Payment Application Data Security Standards
[PA-DSS] 1. Do not retain full magnetic stripe, card validation code or value (CAV2, CID, CVC2, CVV
[PA-DSS] 2. Protect stored cardholder data
[PA-DSS] 3. Provide secure authentication features
[PA-DSS] 4. Log payment application activity
[PA-DSS] 5. Develop secure payment applications
[PA-DSS] 6. Protect wireless transmissions
[PA-DSS] 7. Test payment applications to address vulnerabilities
[PA-DSS] 8. Facilitate secure network implementation
[PA-DSS] 9. Cardholder data must never be stored on a server connected to the Internet
[PA-DSS] 10. Facilitate secure remote software updates
[PA-DSS] 11. Facilitate secure remote access to payment application
[PA-DSS] 12. Encrypt sensitive traffic over public networks
[PA-DSS] 13. Encrypt all non-console administrative access
[PA-DSS] 14. Maintain instructional documentation and training programs for customers, resellers, an
Test and Practice forum
Test Forum
Comments
These are the 15 most-searched-for thread tags
Search Tag Cloud
configuration
cryptographic key changes
dmz
fbi
firewall
network diagram
pa-dss
ports
re-key
rekey
router
services
stolen credit card
training
visa
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest ©1997 - 2010 by PCIDSSFAQ.ORG, except where noted otherwise.
Powered by vBulletin, Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.