PCI Compliance, 3rd Edition

Index

Access Control Entities (ACEs), 84

Access Control Lists (ACLs), 84

Access controls, 73

authentication

basics of, Requirement, 8, 76–84

and Requirements 8.5.1–8.5.7, 79–81

case study

loose permissions case, 99–100

stolen database case, 98–99

Cisco enforcing session timeout, 90–91

databases and Requirement 8.5.16, 83–84

educating users, 81–82

locking users out, Requirements 8.5.13–8.5.15, 82–83

multifactor authentication, 77

paper data, 94–95

password

design for PCI DSS, Requirements 8.5.8–8.5.12, 82

policy enforcement, 96

password complexity requirements, 89–90, 82

SUID and SGID, 89

PCI compliant access controls, 94

PCI DSS requirements, 73–94

physical security, 91–94

facility entry controls, 91

handling media, Requirements 9.5–9.10.2, ...

Get PCI Compliance, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

PCI Compliance, 3rd Edition by Branden R. Williams, Anton Chuvakin