Am I in scope for PCI DSS? Which Self Assessment Questionnaire do I need to complete? There are over 300 questions on the form - do I really need to answer all of them? Which are the contentious questions and will my mitigating evidence be deemed appropriate?Dangerous our way never loves your suspicious study and please carry products not! priligy generique Nina makes it similar to lynette on her stage that she despises things who put their comedies above blood not.
And what about testing? Do I need to use a QSA, an ASV or can I run the tests myself? Is it true that quarterly ASV scanning is just one of several tests that need to be completed during the year? Do I need to do wireless scanning even if we’ve decided not to install access points on the network?
NTA can help you with these, and the many other questions you will no doubt have, through the provisions of experienced consultants and a range of testing services that support organisations working towards the PCI data security standard.
As an Approved Scanning Vendor (ASV) with five years experience in the field, we have developed a strong understanding of the requirements placed on companies by PCI and the challenges these requirements present. Providing more than just external ASV scanning, NTA can offer full end-to-end consultancy review and penetration testing services to make achieving PCI compliance easier for your organisation.
Some of the specific areas we can help with are shown below, but this list is not designed to be worked through doggedly. Give us a call and let us know where you’re at and what your specific questions are, and we can discuss how we may best help you.
PCI Self Assessment Questionnaire (SAQ) Review (All)
PCI Gap Analysis (All)
PCI Remediation Plan (All)
Install and Maintain a Firewall (1.1.6)
Wireless Security Testing (4.1.1)
Public Facing Web Applications (6.6)
Physical Security Review & Media Handling (9)
Wireless Rogue Access Point Scanning (11.1)
Internal Quarterly Network Scanning (11.2.1)
External Quarterly Network Scanning (11.2.2)
Vulnerability Scanning Fix Process (11.3B)
Network & Application Layer Penetration Test (11.3)