NCA OT: PCI DSS 4.0 – Lists
List Name | List Description | List ID |
|---|---|---|
CCF: Allowed CDE => Internet App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the cardholder data environment network to the external internet. | -2058 |
CCF: Allowed Internal => Internal App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the internal environment network to the internal environment network. | -2059 |
CCF: Allowed Internal => Internet App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the internal environment network to the external internet. | -2060 |
CCF: Allowed Internet => CDE App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the external internet to the internal cardholder data environment network. | -2061 |
CCF: Allowed Internet => DMZ App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the external internet to the demilitarized zone environment network. | -2062 |
CCF: Allowed Internet => Internal App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the external internet environment to the internal environment network. | -2063 |
CCF: Allowed Test => Internal App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the test environment to the internal environment network. | -2064 |
CCF: Allowed Test => Internet App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the test environment network to the external internet. | -2065 |
CCF: Allowed Wireless => CDE App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the wireless environment network to the cardholder data environment network. | -2066 |
Insecure Applications List | This list is pre-populated with insecure impacted applications. | -2067 |
CCF: Cardholder Data Systems | This list should be populated with Cardholder Data Systems on the network. | -2070 |
CCF: Database Systems | This list should be populated with database systems on the network. | -2071 |
CCF: File Integrity Monitors | This list should be populated with file integrity monitoring systems on the network. | -2072 |
CCF: Network Security Systems | This list should be populated with network security systems (firewalls, intrusion detection/prevention, malware detection/prevention, network access control, remote access, virtual private network, vulnerability scanning) on the network. | -2073 |
CCF: Physical Security Systems | This list should be populated with physical security systems (badge/card readers & door access) on the network. | -2074 |
CCF: All Log Sources | This list is used in many of the package elements covering all of the defined log sources including: CCF: Cardholder Data Systems, CCF: Database Systems, CCF: File Integrity Monitors, PCI- DSS: Network Security Systems, CCF: Physical Security Systems | -2075 |
CCF: Cardholder Data Environment List | This list should be populated with internal IP addresses of your cardholder data. | -2076 |
CCF: DMZ Environment List | This list should be populated with internal IP addresses of your demilitarized zone network. | -2077 |
CCF: Internal Environment List | This list should be populated with internal IP addresses of your entire internal network. | -2078 |
CCF: Wireless Environment List | This list should be populated with internal IP addresses of your wireless network. | -2079 |
Default Accounts List | This list is pre-populated with all known default accounts. | -2080 |
Default Privileged Accounts: Database | This list is pre-populated with all known default privileged database accounts. | -2081 |
Default Privileged Accounts List | This list is pre-populated with all known default privileged accounts. | -2082 |
CCF: Disabled And Terminated Accounts List | This list should be populated with disabled or terminated accounts. | -2083 |
CCF: Vendor Accounts List | This list should be populated with vendor or 3rd party accounts. | -2084 |
CCF: Allowed DMZ => Internal App List | This list should be populated with the impacted applications, ports, and protocols which are allowed from the demilitarized zone environment to the internal network. | -2085 |
CCF: Test Environment List | This list should be populated with internal IP addresses of your test network. | -2086 |
CCF: Privileged Accounts List | This list should be populated with privileged accounts. | -2087 |
CCF: All Entities | This list should be used in tandem with the "CCF: All Log Sources" list. Entities designated specifically for PCI hosts and networks can be added to this list. | -2579 |