Breakdown of the Payment Card Industry (PCI) audit scan template used in Control Compliance Suite Vulnerability Manager (CCS-VM)

Article ID: 156489

Products

Control Compliance Suite Vulnerability Manager

Issue/Introduction

Breakdown of the Payment Card Industry (PCI) audit scan template used in Control Compliance Suite Vulnerability Manager (CCS-VM)

Resolution

This audit of Payment Card Industry (PCI) compliance uses only safe checks, including network-based vulnerabilities, patch/hotfix verification, and application-layer testing. CCS-VM (NeXpose) scans all TCP ports and well-known UDP ports. CCS-VM (NeXpose) does not perform policy checks.

Why use this template: Use this template to scan assets as part of a PCI compliance program.

Device/vulnerability scan: Y/Y

Maximum # scan threads: 10

ICMP (Ping hosts): Y

TCP ports used for device discovery: 22, 23, 25, 80, 443

UDP ports used for device discovery: None

Device discovery performance: 5 ms send delay, 4 retries, 1000 ms block timeout

TCP port scan method: Stealth scan (SYN)

TCP optimizer ports: None

TCP ports to scan: All possible (1-65535)

TCP port scan performance: 1 ms send delay, 5 blocks, 15 ms block delay, 5 retries

UDP ports to scan: Well-known numbers

Simultaneous port scans: 5

Specific vulnerability checks enabled (which disables all other checks): None

Specific vulnerability checks disabled: Policy check types