About the [RETIRED] PCI DSS v.1.x Questions and Answers category
|
|
0
|
34
|
January 23, 2023
|
[PCI DSS 1.x] 3.2 Do not store sensitive authentication data after authorization (even if encrypted).
|
|
4
|
13608
|
July 3, 2014
|
[PCI DSS 1.x] 1.2.3 Install perimeter firewalls between any wireless networks and the cardholder data en
|
|
2
|
11274
|
April 18, 2014
|
[PCI DSS 1.x] 1.2.1 Restrict inbound and outbound traffic to that which is necessary for the cardholder
|
|
2
|
10063
|
April 18, 2014
|
[PCI DSS 1.x] 12.1.2 Includes an annual process that identifies threats, and vulnerabilities, and results in a for
|
|
4
|
8791
|
February 5, 2014
|
[PCI DSS 1.x] 3.4 Render PAN, at minimum, unreadable anywhere it is stored (including on portable digita
|
|
18
|
33664
|
January 20, 2014
|
[PCI DSS 1.x] 12.8.2 Agreement that includes an acknowledgement that the service provider is responsible for the s
|
|
2
|
6173
|
January 13, 2014
|
[PCI DSS 1.x] 8.3 Implement two-factor authentication for remote access to the network by employees, administrato
|
|
3
|
16464
|
January 13, 2014
|
[PCI DSS 1.x] 1.1.2 Current network diagram with all connections to cardholder data, including any wirel
|
|
1
|
9301
|
January 13, 2014
|
[PCI DSS 1.x] 2.2.1 Implement only one primary function per server.
|
|
10
|
17799
|
December 11, 2013
|
[PCI DSS 1.x] 3.6.6 Split knowledge and establishment of dual control of cryptographic keys
|
|
7
|
10809
|
July 3, 2013
|
[PCI DSS 1.x] 1.3.2 Limit inbound Internet traffic to IP addresses within the DMZ.
|
|
5
|
7010
|
December 28, 2012
|
[PCI DSS 1.x] 3.6.2 Secure cryptographic key distribution
|
|
4
|
7722
|
March 16, 2012
|
[PCI DSS 1.x] 10.2.2 All actions taken by any individual with root or administrative privileges
|
|
6
|
12598
|
March 15, 2012
|
[PCI DSS 1.x] 11.5 Deploy file integrity monitoring software to alert personnel to unauthorized modification of cr
|
|
8
|
22832
|
March 8, 2012
|
[PCI DSS 1.x] 11.3 Perform penetration testing at least once a year and after any significant infrastructure or ap
|
|
1
|
4883
|
January 25, 2012
|
[PCI DSS 1.x] 1.1.4 Description of groups, roles, and responsibilities for logical management of network
|
|
2
|
9146
|
December 23, 2011
|
[PCI DSS 1.x] 12.3.6 Acceptable network locations for the technologies
|
|
2
|
10021
|
November 2, 2011
|
[PCI DSS 1.x] 6.1 Ensure that all system components and software have the latest vendor-supplied securit
|
|
6
|
13615
|
October 25, 2011
|
[PCI DSS 1.x] 6.5 Develop all web applications based on secure coding guidelines. such as the Open Web Application
|
|
1
|
5014
|
September 13, 2011
|
[PCI DSS 1.x] 2.2 Develop configuration standards for all system components. Assure that these standards
|
|
4
|
13885
|
August 19, 2011
|
[PCI DSS 1.x] 6.5.10 Insecure configuration management
|
|
1
|
5557
|
August 2, 2011
|
[PCI DSS 1.x] 1.3.1 Implement a DMZ to limit inbound and outbound traffic to only protocols that are nec
|
|
3
|
8203
|
July 31, 2011
|
[PCI DSS 1.x] 1.2.2 Secure and synchronize router configuration files.
|
|
1
|
5992
|
July 31, 2011
|
[PCI DSS 1.x] 1.3.3 Do not allow any direct routes inbound or outbound for traffic between the Internet
|
|
3
|
7295
|
July 31, 2011
|
[PCI DSS 1.x] 2.3 Encrypt all non-console administrative access. Use technologies such as SSH, VPN, or S
|
|
2
|
11742
|
July 29, 2011
|
[PCI DSS 1.x] 10.2 5 Use of identification and authentication mechanisms
|
|
8
|
14741
|
May 25, 2011
|
[PCI DSS 1.x] 1.1 Establish firewall and router configuration standards that include the following
|
|
8
|
15256
|
May 16, 2011
|
[PCI DSS 1.x] 5.1 Deploy anti-virus software on all systems commonly affected by malicious software (par
|
|
8
|
21533
|
May 11, 2011
|
[PCI DSS 1.x] 9.1 Use appropriate facility entry controls to limit and monitor physical access to systems that sto
|
|
1
|
12561
|
April 25, 2011
|