Home > IT Answers > Compliance > PCI

, , , , , , , , , VIEW ALL TAGS

12

  • Finger Print in PCI Compliance

    I would like to know recommendation about finger printing scan in PCI perspective. Thanks

    Compliance
    PCI
    Last updated:
    Answer
    alinaeem5 pointsBadges:

  • Role of QIR

    If someone is a QIR and they are going to install the certified payment application at a merchant site, but find that the merchant is running a non-compliant OS, then doesn't the QIR have to stop the install or proceed to perform the install but note that it was not installed per the applications...

    PCI
    PCI DSS
    QIR
    Last updated:
    Answer
    kbrown19135 pointsBadges:

  • PCI compliance scan in IIS: Information disclosure vulnerability

    In our PCI compliance scan, we still have this vulnerability in our website: Synopsis : The remote web server is affected by an information disclosure vulnerability. Description : The remote host appears to be running a version of IIS which allows remote users to determine which authentication...

    IIS
    PCI
    PCI compliance
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Changes to the audit log for PCI compliance

    For PCI compliance reasons, we had to configure auditd. Because PCI states that existing logs can't get changed without an alert. So we tried doing this: -w /var/log/ -k Logs_Accessed -p rwxa But will the auditctl command work? Thank you for your help.

    PCI
    PCI compliance
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • How to make a virtualization server that’s running Xen PCI compliant?

    We have a server that's running Xen with HVM and we need to make one of our VMs PCI compliant. We've already read the PCI virtualization guide and it says that we need to make sure there's no information leakage between VMs. Is there a way to make sure each OS is unable to intercept data from other...

    Compliance
    PCI
    Xen
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Vulnerability from PCI scan

    We recently had a PCI scan on one of our websites that was passed to us by a client. Here's one of the vulnerabilities that we got back: Network service: 80/443 Application URL: The response contains SQL Server errors. This suggests that the hazardous characters inserted by the test penetrated the...

    Compliance
    PCI
    PCI DSS
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • What’s the best service storing PCI sensitive data?

    I'm looking to build a web application that's going to handle sensitive PCI data (including banking numbers). What's the best service that can handle all of this data? My friend told me about Rackspace but I'm not sure about its PCI solution. I just need to make sure the database is secured and I...

    Data storage
    PCI
    PCI compliance
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Can we make Google App Engine PCI compliant?

    We're working with Google App Engine but several people in our organization have said that in order to have a PCI compliant cloud solution, we need to have a private cloud environment and we can't use App Engine. Does anyone know if this is true? Can we still use Google App Engine?

    Google App Engine
    PCI
    PCI compliance
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Configure PCI compliant environment

    I have a few questions related to PCI compliance (since my organization is starting to get into credit card processing). Basically, how can we configure a PCI compliant environment? And how do we secure a build server? Thanks!

    Compliance
    PCI
    PCI DSS
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • What can we fix from our PCI scan?

    I'm pretty new to PCI and my organization just got the Trustkeeper PCI Scan and we got several results including: DB Accesibility SSLv2 Supported Ton of OpenSSL related vulnerabilities Apache Tomcat vulnerabilities BIND related vulnerabilities What vulnerabilities should be fixed by my company?...

    PCI
    PCI compliance
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • PCI compliance issue with SQL injection

    We're working on a client's PCI compliance. Here's one of the failing issues: 3.1.4. Blind SQL Injection (httpgenericscriptblindsqlinjection) We found out that the issue might be with the OWA. Does anyone know how to fix this issue?

    PCI
    PCI compliance
    SQL
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Failed PCI compliance check on IIS

    Our website just failed a PCI Compliance check. Our report said the site supported weak ciphers. But we thought we disabled that by turning off the SSL on our web servers. What else we need to check? Should we look at the load balancer? Thank you very much!

    Compliance
    IIS
    PCI
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Is there a way to isolate PCI compliance?

    Our company is currently in the process (but not storing) of credit card data. We also authorize the cards through a developed app using the authorize.net API. Now, if it's possible, we would like to limit the requirements of PCI that would affect our servers to an isolated separate environment. Is...

    Compliance
    PCI
    PCI DSS
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • What’s the cost of PCI compliance for a PHP script?

    I'm developing a single PHP script (it's for a new piece of software) which will collect cardholder information and store it in a MySQL database. Obviously, we're taking our security very seriously but we need some help. What scans do we need to find? After, what's the cost of PCI compliance for...

    Compliance
    PCI
    PHP
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • PCI compliance rules for storing credit card numbers

    I apologize for the 'newbie' question but does anyone know what the PCI rules to follow are for storing credit card numbers in a database? Can anyone point me in the right direction?

    Compliance
    PCI
    PCI DSS
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Storing billing data in a MySQL database: A PCI compliance violation?

    For the past several months, I've been developing a shopping cart and I need to store Name, Billing, Address and Zip Code into a MySQL database. I'm doing this because a returning customer wouldn't have to re-enter billing information. Also, I'm not storing any credit data. Just to ask, am I in...

    Compliance
    MySQL
    PCI
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Does anyone know if Apache Tomcat is PCI compliant?

    Would anyone happen to know if Apache Tomcat is PCI compliant? I'm worried if there's any vulnerabilities where credit card PANs are stored. Thank you!

    Apache Tomcat
    PCI
    PCI DSS
    Last updated:
    Answer
    ITKE1,072,565 pointsBadges:

  • Making a desktop wireless without a PCI card?

    How can I make a desktop wireless without a PCI card? I have no available slots but I do have usb ports available and a Ethernet port. Is there some type of converter for this scenario? I can sacrifice the Ethernet (100/1000) for wireless.

    Ethernet
    Ethernet Ports
    PCI
    Last updated:
    View Answer
    ITKE1,072,565 pointsBadges:

  • What is the speed of a PCI-X expansion bus?

    What is the speed of a PCI-X expansion bus?

    PCI
    PCI Express
    Last updated:
    View Answer
    Babyc12095 pointsBadges:

  • Which encryption algorithm is the most recommended by the PCI standard?

    Does anyone know if AKA ver 2 protocol is PCI compliance?

    Encryption
    PCI
    Last updated:
    Answer
    Keren5 pointsBadges:
12

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following