PCI Compliance, 3rd Edition

Index

Access Control Entities (ACEs), 84

Access Control Lists (ACLs), 84

Access controls, 73

authentication

basics of, Requirement, 8, 76–84

and Requirements 8.5.1–8.5.7, 79–81

case study

loose permissions case, 99–100

stolen database case, 98–99

Cisco enforcing session timeout, 90–91

databases and Requirement 8.5.16, 83–84

educating users, 81–82

locking users out, Requirements 8.5.13–8.5.15, 82–83

multifactor authentication, 77

paper data, 94–95

password

design for PCI DSS, Requirements 8.5.8–8.5.12, 82

policy enforcement, 96

password complexity requirements, 89–90, 82

SUID and SGID, 89

PCI compliant access controls, 94

PCI DSS requirements, 73–94

physical security, 91–94

facility entry controls, 91

handling media, Requirements 9.5–9.10.2, ...

Get PCI Compliance, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.

PCI Compliance, 3rd Edition by Branden R. Williams, Anton Chuvakin