PCI DSS SAQ D, version 2.0, 2010
(C) PCI Security Standards Council LLC 2010

[Extraction residue: the body text of this document did not survive extraction; only section and requirement numbers, a few acronyms and the per-page footers remain. The outline below keeps only what is recoverable from those surviving tokens, in page order.]

- Pages i–viii: revision history (versions dated 2008 and 2010), table of contents, and introductory guidance covering the SAQ types (A, B, C-VT, C, D) and ASV (Approved Scanning Vendor) scanning.
- Pages 1–6, two parallel sets: attestation parts 1–4, referencing PABP/PA-DSS, ASV scans and 3-D Secure.
- Pages 1–41: questionnaire items for PCI DSS Requirements 1 through 12 (sub-requirement numbering from 1.1.1 to 12.9.6 survives). Technologies named in the surviving text: DMZ, NAT and RFC 1918 addressing, SNMP, SSH, S-FTP, SSL/TLS, IPsec VPN, Telnet, FTP, POP3/IMAP/SMTP, NetBIOS, PAN truncation (first 6 / last 4), one-time pad and index tokens, NIST SP 800-57 key management, WEP and IEEE 802.11i, CVSS 4.0 scoring, OWASP / SANS CWE Top 25 / CERT coding guidance, SQL, XPath and LDAP injection, XSS, CSRF, RADIUS and TACACS, Network Time Protocol and UTC, IDS/IPS, NAC, WLAN, USB, and risk-assessment methodologies OCTAVE, ISO 27005 and NIST SP 800 series.
- Pages 42–43: Appendix A1, requirements A.1.1 to A.1.4 for shared hosting providers (CGI, chroot / jailshell).
- Pages 44–48: compensating controls guidance and worksheet, with the completed example for Requirement 8.1 (company XYZ, Unix servers with LDAP, root access via SU).
- Page 49: explanation of non-applicability example (item 9.3.1).