PCI Definitions
Blackink Employee Handbook
Random
PCI Requirements
100

Form for merchants and service providers to attest to the results of a PCI DSS assessment

AOC

100

Retains copies of the signed Employee/Contractor Acknowledgement forms per Retention Requirements.

Insperity/HR

100

This type of hacker referred to by a colorful bit of headwear helpfully tests computer systems for vulnerability

White Hat

100

Identify and authenticate access to system components

Req 8

200

The people, processes and technology that store, process, or transmit cardholder data or sensitive authentication data.

CDE

200

Are responsible for exercising good judgment regarding appropriate use of Blackink IT’s assets.

Users/Everyone

200

A website with a site certificate is one that uses encryption; this letter after http is one sign of it.

S

200

Encrypt transmission of cardholder data across open, public networks

Req 4

300

These people qualified by PCI SSC to perform PCI DSS on-site assessments 

QSA

300

Document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet

Acceptable Use Policy

300

Companies consider cybersecurity when instructing employees with a policy on BYOD, short for this

Bring Your Own Device

300

Develop and maintain secure systems and applications

Req 6

400

Type of firewall installed between all wireless networks and the cardholder data environment and configured to deny or, if traffic is necessary for business purposes, permit only authorized traffic between the wireless environment and the cardholder data environment.

Perimeter

400

While our systems may accommodate the use of _____ for company security, you should not expect confidentiality of your files at work.

Passwords

400

A ransomware attack that encrypted 3,800 city of Atlanta computers demanded 6 of these digital items to unfreeze them

Bitcoins

400

Do not use vendor-supplied defaults for system passwords and other security parameters

Req 2

500

A vendor-agnostic, industry open standard designed to convey the severity of computer system security vulnerabilities and help determine urgency and priority of response.

CVSS

500

Smartphones and tablets belonging to employees that are for personal use only must use the _______ communication networks.

BI Guest network

500

Beware of these types of programs that track every stroke you make while typing in an effort to glean your password

Keylogging

500

Install and maintain a firewall configuration to protect cardholder data

Req 1
