5.2

Question 1

What are the 12 Requirements for PCI DSS

Answer 1

• Install and maintain a firewall configuration to protect cardholder data
  -Do not use vendor-supplied defaults for system passwords and other security parameters
  -Protect stored cardholder data
  -Encrypt transmission of cardholder data across open, public networks
  -Protect all systems against malware and regularly update antivirus software or programs
  -Develop and maintain secure systems and applications
  -Restrict access to cardholder data by business need to know
  -Identify and authenticate access to system components
  -Restrict physical access to cardholder data
  -Track and monitor all access to network resources and cardholder data
  -Regularly test security systems and processes
  -Maintain a policy that address information security for all personnel