Digital Forensics and Incident Response | DFIR

What are the 12 PCI Requirements

2/23/2018


  1. Have Firewall
  2. No Defaults
  3. Protect Stored Data
    1. Hashing the entire PAN using strong cryptography while transferring
  4. Encrypt Transmission of Data over network
  5. Have Antivirus
  6. Develop and Maintain Secure System and applications
  7. Restrict access to cardholder data - role-based access control.
    1. Restrict access to cardholder data by business need-to-know
  8. Assign a Unique ID to each person with computer access
    1. A digital certificate is valid for "something you have" as long as it is unique to a particular user.
    2. Identify and authenticate access to system components
  9. Restrict Physical Access to Cardholder Data
  10. Track and Monitor all access to cardholder data and network resources
  11. Test Regularly
  12. Have a policy
    1. Information security policies must be reviewed/updated yearly to meet the requirement.