|
[PCI DSS 1.x] 6.3.1 Testing of all security patches, and system and software configuration changes befor
|
|
4
|
5142
|
November 12, 2009
|
|
[PCI DSS 1.x] 12.3.10 When accessing cardholder data remotely via modem, prohibition of storage of cardholder data
|
|
1
|
3893
|
September 30, 2009
|
|
[PCI DSS 1.x] 6.3 Develop software applications in accordance with PCI DSS (for example, secure authenti
|
|
1
|
3374
|
September 7, 2009
|
|
[PCI DSS 1.x] 3.2.2 Do not store the card-verification code or value (three-digit or four-digit number p
|
|
1
|
5007
|
August 3, 2009
|
|
[PCI DSS 1.x] 1.3.4 Do not allow internal addresses to pass from the Internet into the DMZ.
|
|
3
|
8451
|
June 22, 2009
|
|
[PCI DSS 1.x] 6.5.7 Improper error handling
|
|
2
|
3854
|
June 14, 2009
|
|
[PCI DSS 1.x] 3.6.4 Periodic cryptographic key changes
|
|
1
|
7428
|
April 22, 2009
|
|
[PCI DSS 1.x] 11.1 Test security controls, limitations, network connections, and restrictions annually to assure t
|
|
2
|
4987
|
March 16, 2009
|
|
[PCI DSS 1.x] 10.2.1 All individual accesses to cardholder data
|
|
2
|
5308
|
August 8, 2008
|
|
[PCI DSS 1.x] 1.3.8 Implement IP masquerading to prevent internal addresses from being translated and re
|
|
1
|
4371
|
June 3, 2008
|
|
[PCI DSS 1.x] 8.5.8 Do not use group, shared, or generic accounts and passwords
|
|
1
|
6439
|
February 12, 2008
|
|
[PCI DSS 1.x] 12.10.4 Connect and disconnect entities by following an established process
|
|
0
|
3034
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.2 Ensure proper due diligence is conducted prior to connecting an entity
|
|
0
|
2849
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10.1 Maintain list of connected entities
|
|
0
|
3251
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.10 All processors and service providers must maintain and implement policies and procedures to ma
|
|
0
|
2931
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.6 Develop process to modify and evolve the incident response plan according to lessons learned
|
|
0
|
2144
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.5 Include alerts from intrusion detection, intrusion prevention, and file integrity monitoring
|
|
0
|
3290
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.4 Provide appropriate training to staff with security breach response responsibilities
|
|
0
|
2525
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.3 Designate specific personnel to be available on a 24/7 basis to respond to alerts
|
|
0
|
1633
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.2 Test the plan at least annually
|
|
0
|
1683
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9.1 Create the incident response plan to be implemented in the event of system compromise. Ensure
|
|
0
|
4706
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.9 Implement an incident response plan. Be prepared to respond immediately to a system breach.
|
|
0
|
2303
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8.1 Service providers must adhere to the PCI DSS requirements
|
|
0
|
3199
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.8 If cardholder data is shared with service providers, then contractually the following is requir
|
|
0
|
2234
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.7 Screen potential employees to minimize the risk of attacks from internal sources.
For those em
|
|
0
|
2515
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.2 Require employees to acknowledge in writing that they have read and understood the company's
|
|
0
|
3562
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6.1 Educate employees upon hire and at least annually (for example, by letters, posters, memos, m
|
|
0
|
1990
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.6 Implement a formal security awareness program to make all employees aware of the importance of
|
|
0
|
3010
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.5 Monitor and control all access to data
|
|
0
|
2302
|
March 18, 2007
|
|
[PCI DSS 1.x] 12.5.4 Administer user accounts, including additions, deletions, and modifications
|
|
0
|
1989
|
March 18, 2007
|