PCI DSS

Defined Approach Requirements 1.2.4 An accurate data-flow diagram(s) is maintained that meets the following: • Shows all account data flows...

Defined Approach Requirements 1.2.5 All services, protocols, and ports allowed are identified, approved, and have a defined business need. Customized...

Defined Approach Requirements 1.2.6 Security features are defined and implemented for all services, protocols, and ports that are in use...

Defined Approach Requirements 1.2.7 Configurations of NSCs are reviewed at least once every six months to confirm they are relevant...

Defined Approach Requirements 1.2.8 Configuration files for NSCs are: • Secured from unauthorized access. • Kept consistent with active network...

Defined Approach Requirements 1.3.1 Inbound traffic to the CDE is restricted as follows: • To only traffic that is necessary....

Defined Approach Requirements 1.3.2 Outbound traffic from the CDE is restricted as follows: • To only traffic that is necessary....

Defined Approach Requirements 1.3.3 NSCs are installed between all wireless networks and the CDE, regardless of whether the wireless network...

Defined Approach Requirements 1.4.1 NSCs are implemented between trusted and untrusted networks. Customized Approach Objective Unauthorized traffic cannot traverse network...

Defined Approach Requirements 1.4.2 Inbound traffic from untrusted networks to trusted networks is restricted to: • Communications with system components...