About the [RETIRED] PCI DSS v.1.x Questions and Answers category
|
|
0
|
88
|
January 23, 2023
|
[PCI DSS 1.x] 3.2 Do not store sensitive authentication data after authorization (even if encrypted).
|
|
4
|
13683
|
July 3, 2014
|
[PCI DSS 1.x] 1.2.3 Install perimeter firewalls between any wireless networks and the cardholder data en
|
|
2
|
11328
|
April 18, 2014
|
[PCI DSS 1.x] 1.2.1 Restrict inbound and outbound traffic to that which is necessary for the cardholder
|
|
2
|
10144
|
April 18, 2014
|
[PCI DSS 1.x] 12.1.2 Includes an annual process that identifies threats, and vulnerabilities, and results in a for
|
|
4
|
8856
|
February 5, 2014
|
[PCI DSS 1.x] 3.4 Render PAN, at minimum, unreadable anywhere it is stored (including on portable digita
|
|
18
|
33877
|
January 20, 2014
|
[PCI DSS 1.x] 12.8.2 Agreement that includes an acknowledgement that the service provider is responsible for the s
|
|
2
|
6234
|
January 13, 2014
|
[PCI DSS 1.x] 8.3 Implement two-factor authentication for remote access to the network by employees, administrato
|
|
3
|
16530
|
January 13, 2014
|
[PCI DSS 1.x] 1.1.2 Current network diagram with all connections to cardholder data, including any wirel
|
|
1
|
9372
|
January 13, 2014
|
[PCI DSS 1.x] 2.2.1 Implement only one primary function per server.
|
|
10
|
17856
|
December 11, 2013
|
[PCI DSS 1.x] 3.6.6 Split knowledge and establishment of dual control of cryptographic keys
|
|
7
|
10874
|
July 3, 2013
|
[PCI DSS 1.x] 1.3.2 Limit inbound Internet traffic to IP addresses within the DMZ.
|
|
5
|
7072
|
December 28, 2012
|
[PCI DSS 1.x] 3.6.2 Secure cryptographic key distribution
|
|
4
|
7781
|
March 16, 2012
|
[PCI DSS 1.x] 10.2.2 All actions taken by any individual with root or administrative privileges
|
|
6
|
12666
|
March 15, 2012
|
[PCI DSS 1.x] 11.5 Deploy file integrity monitoring software to alert personnel to unauthorized modification of cr
|
|
8
|
22885
|
March 8, 2012
|
[PCI DSS 1.x] 11.3 Perform penetration testing at least once a year and after any significant infrastructure or ap
|
|
1
|
4955
|
January 25, 2012
|
[PCI DSS 1.x] 1.1.4 Description of groups, roles, and responsibilities for logical management of network
|
|
2
|
9212
|
December 23, 2011
|
[PCI DSS 1.x] 12.3.6 Acceptable network locations for the technologies
|
|
2
|
10082
|
November 2, 2011
|
[PCI DSS 1.x] 6.1 Ensure that all system components and software have the latest vendor-supplied securit
|
|
6
|
13688
|
October 25, 2011
|
[PCI DSS 1.x] 6.5 Develop all web applications based on secure coding guidelines. such as the Open Web Application
|
|
1
|
5080
|
September 13, 2011
|
[PCI DSS 1.x] 2.2 Develop configuration standards for all system components. Assure that these standards
|
|
4
|
13949
|
August 19, 2011
|
[PCI DSS 1.x] 6.5.10 Insecure configuration management
|
|
1
|
5617
|
August 2, 2011
|
[PCI DSS 1.x] 1.3.1 Implement a DMZ to limit inbound and outbound traffic to only protocols that are nec
|
|
3
|
8268
|
July 31, 2011
|
[PCI DSS 1.x] 1.2.2 Secure and synchronize router configuration files.
|
|
1
|
6061
|
July 31, 2011
|
[PCI DSS 1.x] 1.3.3 Do not allow any direct routes inbound or outbound for traffic between the Internet
|
|
3
|
7364
|
July 31, 2011
|
[PCI DSS 1.x] 2.3 Encrypt all non-console administrative access. Use technologies such as SSH, VPN, or S
|
|
2
|
11840
|
July 29, 2011
|
[PCI DSS 1.x] 10.2 5 Use of identification and authentication mechanisms
|
|
8
|
14801
|
May 25, 2011
|
[PCI DSS 1.x] 1.1 Establish firewall and router configuration standards that include the following
|
|
8
|
15329
|
May 16, 2011
|
[PCI DSS 1.x] 5.1 Deploy anti-virus software on all systems commonly affected by malicious software (par
|
|
8
|
21607
|
May 11, 2011
|
[PCI DSS 1.x] 9.1 Use appropriate facility entry controls to limit and monitor physical access to systems that sto
|
|
1
|
12611
|
April 25, 2011
|