To perform a PCI DSS compliance audit, what elements must be in your audit checklist that pertain to the System/Application Domain?
As per the SAQ-D and Attestation of Compliance, what are the four major elements a merchant must achieve as part of PCI DSS compliance?
Which requirements in PCI DSS SAQ-D apply to vulnerability assessment and vulnerability management for production credit card transaction-processing servers?
To perform a PCI DSS compliance audit, what elements must be in your audit checklist that pertain to the System/Application Domain?
Making sure HTTPS is used in transactions.
Using encryption for data or information transfers from one system to another.
Documents should be set to either Low, Medium or High in assessing risk.
As per the SAQ-D and Attestation of Compliance, what are the four major elements a merchant must achieve as part of PCI DSS compliance?
1. Complete the Self-Assessment Questionnaire (SAQ D) according to the instructions in the Self-Assessment Questionnaire Instructions and Guidelines.
2. Complete a passing vulnerability scan with a PCI SSC Approved Scanning Vendor (ASV) and obtain evidence of a passing scan from the ASV.
3. Complete the Attestation of Compliance in its entirety.
4. Submit the SAQ, evidence of a passing scan, and the Attestation of Compliance, along with any other requested documentation, to your acquirer or to the payment brand or other requester.
Which requirements in PCI DSS SAQ-D apply to vulnerability assessment and vulnerability management for production credit card transaction-processing servers?
Requirement 5: Use and regularly update anti-virus software or programs
Requirement 6: Develop and maintain secure systems and applications