[READ-ONLY] Archives   [RETIRED] PCI DSS v3.0 Questions and Answers Forum

Build and Maintain a Secure Network and Systems (R Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters Protect Cardholder Data (Requirements 3-4) Requirement 3: Protect stored cardholder data Requirement 4: Encrypt transmission of cardholder data across open, public networks Maintain a Vulnerability Management Program (Requi Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs Requirement 6: Develop and maintain secure systems and applications Implement Strong Access Control Measures (Requirem Requirement 7: Restrict access to cardholder data by business need to know Requirement 8: Identify and authenticate access to system components Requirement 9: Restrict physical access to cardholder data Regularly Monitor and Test Networks (Requirements Requirement 10: Track and monitor all access to network resources and cardholder data Requirement 11: Regularly test security systems and processes Maintain an Information Security Policy (Requireme Requirement 12: Maintain a policy that addresses information security for all personnel Appendix