|
[PCI DSS 1.x] 12.6.1 Educate employees upon hire and at least annually (for example, by letters, posters, memos, m
|
|
0
|
2010
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6 Implement a formal security awareness program to make all employees aware of the importance of
|
|
0
|
3040
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.5 Monitor and control all access to data
|
|
0
|
2327
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.4 Administer user accounts, including additions, deletions, and modifications
|
|
0
|
2011
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.3 Establish, document, and distribute security incident response and escalation procedures to e
|
|
0
|
2598
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.2 Monitor and analyze security alerts and information, and distribute to appropriate personnel
|
|
0
|
1933
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.1 Establish, document, and distribute security policies and procedures
|
|
0
|
2362
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5 Assign to an individual or team the following information security management responsibilities:
|
|
0
|
1985
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.4 Ensure that the security policy and procedures clearly define information security responsibili
|
|
0
|
2416
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3.9 Activation of modems for vendors only when needed by vendors, with immediate deactivation aft
|
|
0
|
1710
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3.8 Automatic disconnect of modem sessions after a specific period of inactivity
|
|
0
|
3195
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3.7 List of company-approved products
|
|
0
|
4354
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3.5 Acceptable uses of the technology
|
|
0
|
3598
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3.4 Labeling of devices with owner, contact information, and purpose
|
|
0
|
3908
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3.3 A list of all such devices and personnel with access
|
|
0
|
3353
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3.2 Authentication for use of the technology
|
|
0
|
3001
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3.1 Explicit management approval
|
|
0
|
2863
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.3 Develop usage policies for critical employee-facing technologies (such as modems and wireless)
|
|
0
|
4436
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.1.3 Includes a review at least once a year and updates when the environment changes
|
|
0
|
2991
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.1.1 Addresses all requirements in this specification
|
|
0
|
3515
|
March 18, 2007
|
|
[PCI DSS 1.x] 11.4 Use network intrusion detection systems, host-based intrusion detection systems, and intrusion
|
|
0
|
6594
|
March 18, 2007
|
|
[PCI DSS 1.x] 11.3.2 Application-layer penetration tests
|
|
0
|
4840
|
March 18, 2007
|
|
[PCI DSS 1.x] 11.3.1 Network-layer penetration tests
|
|
0
|
4463
|
March 18, 2007
|
|
[PCI DSS 1.x] 10.7 Retain audit trail history for at least one year, with a minimum of three months available onli
|
|
0
|
14531
|
March 18, 2007
|
|
[PCI DSS 1.x] 10.6 Review logs for all system components at least daily. Log reviews must include those servers th
|
|
0
|
5588
|
March 18, 2007
|
|
[PCI DSS 1.x] 10.5.4 Copy logs for wireless networks onto a log server on the internal LAN
|
|
0
|
2230
|
March 18, 2007
|
|
[PCI DSS 1.x] 10.5.3 Promptly back up audit trail files to a centralized log server or media that is difficult to
|
|
0
|
3732
|
March 18, 2007
|
|
[PCI DSS 1.x] 10.5.2 Protect audit trail files from unauthorized modifications
|
|
0
|
3937
|
March 18, 2007
|
|
[PCI DSS 1.x] 10.5.1 Limit viewing of audit trails to those with a job-related need
|
|
0
|
3181
|
March 18, 2007
|
|
[PCI DSS 1.x] 10.5 Secure audit trails so they cannot be altered
|
|
0
|
3154
|
March 18, 2007
|