|
List Name |
List Description |
List ID |
|---|---|---|
|
CCF: Allowed CDE => Internet App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the cardholder data environment network to the external internet. |
-2058 |
|
CCF: Allowed Internal => Internal App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the internal environment network to the internal environment network. |
-2059 |
|
CCF: Allowed Internal => Internet App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the internal environment network to the external internet. |
-2060 |
|
CCF: Allowed Internet => CDE App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the external internet to the internal cardholder data environment network. |
-2061 |
|
CCF: Allowed Internet => DMZ App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the external internet to the demilitarized zone environment network. |
-2062 |
|
CCF: Allowed Internet => Internal App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the external internet environment to the internal environment network. |
-2063 |
|
CCF: Allowed Test => Internal App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the test environment to the internal environment network. |
-2064 |
|
CCF: Allowed Test => Internet App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the test environment network to the external internet. |
-2065 |
|
CCF: Allowed Wireless => CDE App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the wireless environment network to the cardholder data environment network. |
-2066 |
|
Insecure Applications List |
This list is pre-populated with insecure impacted applications. |
-2067 |
|
CCF: Cardholder Data Systems |
This list should be populated with Cardholder Data Systems on the network. |
-2070 |
|
CCF: Database Systems |
This list should be populated with database systems on the network. |
-2071 |
|
CCF: File Integrity Monitors |
This list should be populated with file integrity monitoring systems on the network. |
-2072 |
|
CCF: Network Security Systems |
This list should be populated with network security systems (firewalls, intrusion detection/prevention, malware detection/prevention, network access control, remote access, virtual private network, vulnerability scanning) on the network. |
-2073 |
|
CCF: Physical Security Systems |
This list should be populated with physical security systems (badge/card readers & door access) on the network. |
-2074 |
|
CCF: All Log Sources |
This list is used in many of the package elements covering all of the defined log sources including: CCF: Cardholder Data Systems, CCF: Database Systems, CCF: File Integrity Monitors, PCI- DSS: Network Security Systems, CCF: Physical Security Systems |
-2075 |
|
CCF: Cardholder Data Environment List |
This list should be populated with internal IP addresses of your cardholder data. |
-2076 |
|
CCF: DMZ Environment List |
This list should be populated with internal IP addresses of your demilitarized zone network. |
-2077 |
|
CCF: Internal Environment List |
This list should be populated with internal IP addresses of your entire internal network. |
-2078 |
|
CCF: Wireless Environment List |
This list should be populated with internal IP addresses of your wireless network. |
-2079 |
|
Default Accounts List |
This list is pre-populated with all known default accounts. |
-2080 |
|
Default Privileged Accounts: Database |
This list is pre-populated with all known default privileged database accounts. |
-2081 |
|
Default Privileged Accounts List |
This list is pre-populated with all known default privileged accounts. |
-2082 |
|
CCF: Disabled And Terminated Accounts List |
This list should be populated with disabled or terminated accounts. |
-2083 |
|
CCF: Vendor Accounts List |
This list should be populated with vendor or 3rd party accounts. |
-2084 |
|
CCF: Allowed DMZ => Internal App List |
This list should be populated with the impacted applications, ports, and protocols which are allowed from the demilitarized zone environment to the internal network. |
-2085 |
|
CCF: Test Environment List |
This list should be populated with internal IP addresses of your test network. |
-2086 |
|
CCF: Privileged Accounts List |
This list should be populated with privileged accounts. |
-2087 |
|
CCF: All Entities |
This list should be used in tandem with the "CCF: All Log Sources" list. Entities designated specifically for PCI hosts and networks can be added to this list. |
-2579 |