PCI DSS 1.0 and PCI DSS 1.1

Unanswered Question
May 2nd, 2007
User Badges:
  • Silver, 250 points or more

I was looking at the spec sheets and was wondering what are the differences between PCI DSS 1.0 and PCI DSS 1.1?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bmcgloth Wed, 05/02/2007 - 13:56
User Badges:
  • Cisco Employee,

here is a high summary of what is different, and a link to the full details of the differences:


Section 6.6 ? Added requirement for application code review or application firewall to be used

Section 11.1 Clarified that wireless analyzers should be used periodically, even if wireless is not currently deployed.

Section 12 - Added requirement for a policy to manage connected entities, including maintaining a list, implementing appropriate due diligence, ensuring connected entities are PCI DSS compliant, and having an established process to connect and disconnect entities.


https://www.pcisecuritystandards.org/pdfs/pci_summary_of_pci_dss_changes_v1-1.pdf



Actions

This Discussion