About the [RETIRED] PA-DSS v.1.x Questions and Answers category
|
|
0
|
65
|
January 23, 2023
|
[PA-DSS] 2.4 If disk encryption is used (rather than file- or column-level database encryption), log
|
|
1
|
6888
|
November 11, 2013
|
[PA-DSS] 12.1 If the payment application sends, or facilitates sending, cardholder data over public
|
|
1
|
13504
|
June 7, 2011
|
[PA-DSS] 3.3 Encrypt payment application passwords during transmission and storage, using strong cry
|
|
1
|
10509
|
August 30, 2010
|
[PA-DSS] 5.2.4 Insecure direct object references (do not expose internal object references to users)
|
|
1
|
2954
|
June 30, 2010
|
[PA-DSS] 2.5 Payment application must protect encryption keys used for encryption of cardholder dat
|
|
8
|
7547
|
May 24, 2010
|
[PA-DSS] 14.2.1 Update the training materials on an annual basis and whenever new payment applicatio
|
|
1
|
10045
|
February 2, 2010
|
[PA-DSS] 12.2 The payment application must never send unencrypted PANs by end-user messaging technol
|
|
0
|
3841
|
March 18, 2007
|
[PA-DSS] 5.2.10 Failure to restrict URL access (consistently enforce access control in presentation
|
|
0
|
1565
|
March 18, 2007
|
[PA-DSS] 5.3.2 Management sign-off by appropriate parties
|
|
0
|
1355
|
March 18, 2007
|
[PA-DSS] 5.3.1 Documentation of impact
|
|
0
|
1672
|
March 18, 2007
|
[PA-DSS] 5.2.8 Insecure cryptographic storage (prevent cryptographic flaws)
|
|
0
|
1831
|
March 18, 2007
|
[PA-DSS] 5.2.7 Broken authentication and session management (properly authenticate users and protect
|
|
0
|
2960
|
March 18, 2007
|
[PA-DSS] 5.3 Software vendor must follow change control procedures for all product software configur
|
|
0
|
1498
|
March 18, 2007
|
[PA-DSS] 5.4 The payment application must not use or require use of unnecessary and insecure servic
|
|
0
|
1751
|
March 18, 2007
|
[PA-DSS] 14.1 Develop, maintain, and disseminate a PA-DSS Implementation Guide(s) for customers, res
|
|
0
|
3101
|
March 18, 2007
|
[PA-DSS] 5.2.9 Insecure communications (properly encrypt all authenticated and sensitive communicat
|
|
0
|
1571
|
March 18, 2007
|
[PA-DSS] 7.2 Software vendors must establish a process for timely development and deployment of secu
|
|
0
|
2332
|
March 18, 2007
|
[PA-DSS] 7.1 Software vendors must establish a process to identify newly discovered security vulnera
|
|
0
|
10612
|
March 18, 2007
|
[PA-DSS] 11.1 The payment application must not interfere with use of a two-factor authentication mec
|
|
0
|
11304
|
March 18, 2007
|
[PA-DSS] 11.2 If the payment application may be accessed remotely, remote access to the payment appl
|
|
0
|
3836
|
March 18, 2007
|
[PA-DSS] 5.3.4 Back-out or product de-installation procedures
|
|
0
|
1489
|
March 18, 2007
|
[PA-DSS] 14.1.1 Addresses all requirements in this document wherever the PA-DSS Implementation Guide
|
|
0
|
2254
|
March 18, 2007
|
[PA-DSS] 14.1.2 Includes a review at least annually and updates to keep the documentation current wi
|
|
0
|
1858
|
March 18, 2007
|
[PA-DSS] 11.3 If vendors, resellers/integrators, or customers can access customer's payment applicat
|
|
0
|
2436
|
March 18, 2007
|
[PA-DSS] 10.1 If payment application updates are delivered via remote access into customers' systems
|
|
0
|
11148
|
March 18, 2007
|
[PA-DSS] 6.2 For payment applications using wireless technology, payment application must facilitate
|
|
0
|
2450
|
March 18, 2007
|
[PA-DSS] 6.1 For payment applications using wireless technology, the wireless technology must be imp
|
|
0
|
9648
|
March 18, 2007
|
[PA-DSS] 8.1 The payment application must be able to be implemented into a secure network environmen
|
|
0
|
10176
|
March 18, 2007
|
[PA-DSS] 5.3.3 Testing of operational functionality
|
|
0
|
1335
|
March 18, 2007
|