Posted: Tue Nov 10, 2009 11:28 pm Post subject: PCI QFI application
Has anyone here been involved in the PCI QFI Application process?
The main elements of application that I am looking for help on is:
2.3 Forensic Lab and Analysis Equipment - How much information has to go here.. Would Encase/FTK software tools fall into this category and also forensic workstations?
2.4 Evidence Collection Equipment - What exactly has to go in here? It seems quite similar to the above requirement. Would Encase/FTK software tools fall into this category? List Servers/hard drives to store forensic bit-by-bit copies of all media?
Im not sure what the difference between 2.3 and 2.4 Is??
2.5- Incident Response Policies and Guidelines - are these our own company in-house policies and guidelines or a recommended standard by VISA?
2.6- Data Preservation Guidelines - Again, are these standard Data Preservation Guidelines from Visa or within our own company?
2.7 - Digital Forensics - Digital Forensics Guidelines are developed inhouse or standards developed by VISA?
2.8 - Preserving and Submitting Computer Evidence Guidelines - Evidentiary procedures developed inhouse or standards developed by VISA?
2.9- Chain of Custody Guidelines - Chain of Custody Guidelines developed inhouse or standards developed by VISA?
These were a little ambiguous for me, so if anyone could shed some light on it, I would appreciate that.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum