PCI_EXAMPLE

This PCI DSS V1.2 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.
PCI_EXAMPLE

Full Assessment (including non-automatic items)

Assessment as of

28-JUL-2009 17:05:54.17

Covering Nodes

BOSTON - Completed using policy PCI_MERCHANT

PCI DSS V1.2 for Merchant

Findings Color Code
Compliant
Not assessed
Non-Compliant

REQUIREMENT FAMILY SUMMARY
PCI DSS 1		Install and maintain a firewall configuration to protect cardholder data
PCI DSS 2		Do not use vendor-supplied defaults for system passwords and other security parameters
PCI DSS 3		Protect stored cardholder data
PCI DSS 4		Encrypt transmission of cardholder data across open, public networks
PCI DSS 5		Use and regularly update anti-virus software or programs
PCI DSS 6		Develop and maintain secure systems and applications
PCI DSS 7		Restrict access to cardholder data by business need to know
PCI DSS 8		Assign a unique ID to each person with computer access
PCI DSS 9		Restrict physical access to cardholder data
PCI DSS 10		Track and monitor all access to network resources and cardholder data
PCI DSS 11		Regularly test security systems and processes
PCI DSS 12		Maintain a policy that addresses information security for employees and contractors

Security Object Coverage	Number Present	Number Assessed	Percent Assessed
Capabilities	unknown	0	0
Common Event Clusters	unknown	0	0
Devices	57	57	100
Disks mounted	1	1	100
Files on disks mounted	23296	23296	100
Group Global Sections	unknown	0	0
ICC Associations	unknown	0	0
Logical Name Tables	unknown	0	0
Resource Domains	unknown	0	0
Security Classes	unknown	0	0
System Global Sections	unknown	0	0
Terminals	17	17	100
Usernames	79	79	100
VMS V5 proxy entries	1	1	100
VMS V5 proxy records	1	1	100

This PCI DSS V1.2 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.