[PCI DSS 1.x] 12.6.1 Educate employees upon hire and at least annually (for example, by letters, posters, memos, m
|
|
0
|
1991
|
March 18, 2007
|
[PCI DSS 1.x] 12.6 Implement a formal security awareness program to make all employees aware of the importance of
|
|
0
|
3012
|
March 18, 2007
|
[PCI DSS 1.x] 12.5.5 Monitor and control all access to data
|
|
0
|
2303
|
March 18, 2007
|
[PCI DSS 1.x] 12.5.4 Administer user accounts, including additions, deletions, and modifications
|
|
0
|
1990
|
March 18, 2007
|
[PCI DSS 1.x] 12.5.3 Establish, document, and distribute security incident response and escalation procedures to e
|
|
0
|
2577
|
March 18, 2007
|
[PCI DSS 1.x] 12.5.2 Monitor and analyze security alerts and information, and distribute to appropriate personnel
|
|
0
|
1918
|
March 18, 2007
|
[PCI DSS 1.x] 12.5.1 Establish, document, and distribute security policies and procedures
|
|
0
|
2346
|
March 18, 2007
|
[PCI DSS 1.x] 12.5 Assign to an individual or team the following information security management responsibilities:
|
|
0
|
1970
|
March 18, 2007
|
[PCI DSS 1.x] 12.4 Ensure that the security policy and procedures clearly define information security responsibili
|
|
0
|
2407
|
March 18, 2007
|
[PCI DSS 1.x] 12.3.9 Activation of modems for vendors only when needed by vendors, with immediate deactivation aft
|
|
0
|
1698
|
March 18, 2007
|
[PCI DSS 1.x] 12.3.8 Automatic disconnect of modem sessions after a specific period of inactivity
|
|
0
|
3183
|
March 18, 2007
|
[PCI DSS 1.x] 12.3.7 List of company-approved products
|
|
0
|
4346
|
March 18, 2007
|
[PCI DSS 1.x] 12.3.5 Acceptable uses of the technology
|
|
0
|
3587
|
March 18, 2007
|
[PCI DSS 1.x] 12.3.4 Labeling of devices with owner, contact information, and purpose
|
|
0
|
3893
|
March 18, 2007
|
[PCI DSS 1.x] 12.3.3 A list of all such devices and personnel with access
|
|
0
|
3341
|
March 18, 2007
|
[PCI DSS 1.x] 12.3.2 Authentication for use of the technology
|
|
0
|
2994
|
March 18, 2007
|
[PCI DSS 1.x] 12.3.1 Explicit management approval
|
|
0
|
2844
|
March 18, 2007
|
[PCI DSS 1.x] 12.3 Develop usage policies for critical employee-facing technologies (such as modems and wireless)
|
|
0
|
4421
|
March 18, 2007
|
[PCI DSS 1.x] 12.1.3 Includes a review at least once a year and updates when the environment changes
|
|
0
|
2978
|
March 18, 2007
|
[PCI DSS 1.x] 12.1.1 Addresses all requirements in this specification
|
|
0
|
3505
|
March 18, 2007
|
[PCI DSS 1.x] 11.4 Use network intrusion detection systems, host-based intrusion detection systems, and intrusion
|
|
0
|
6571
|
March 18, 2007
|
[PCI DSS 1.x] 11.3.2 Application-layer penetration tests
|
|
0
|
4818
|
March 18, 2007
|
[PCI DSS 1.x] 11.3.1 Network-layer penetration tests
|
|
0
|
4440
|
March 18, 2007
|
[PCI DSS 1.x] 10.7 Retain audit trail history for at least one year, with a minimum of three months available onli
|
|
0
|
14508
|
March 18, 2007
|
[PCI DSS 1.x] 10.6 Review logs for all system components at least daily. Log reviews must include those servers th
|
|
0
|
5565
|
March 18, 2007
|
[PCI DSS 1.x] 10.5.4 Copy logs for wireless networks onto a log server on the internal LAN
|
|
0
|
2209
|
March 18, 2007
|
[PCI DSS 1.x] 10.5.3 Promptly back up audit trail files to a centralized log server or media that is difficult to
|
|
0
|
3713
|
March 18, 2007
|
[PCI DSS 1.x] 10.5.2 Protect audit trail files from unauthorized modifications
|
|
0
|
3917
|
March 18, 2007
|
[PCI DSS 1.x] 10.5.1 Limit viewing of audit trails to those with a job-related need
|
|
0
|
3152
|
March 18, 2007
|
[PCI DSS 1.x] 10.5 Secure audit trails so they cannot be altered
|
|
0
|
3138
|
March 18, 2007
|