πΌ 1.4.2 Inbound traffic from untrusted networks to trusted networks is restricted.
-
Contextual name: πΌ 1.4.2 Inbound traffic from untrusted networks to trusted networks is restricted.
-
ID:
/frameworks/pci-dss-v4.0.1/01/04/02 -
Located in: πΌ 1.4 Network connections between trusted and untrusted networks are controlled.
Descriptionβ
To the following:
- Communications with system components that are authorized to provide publicly accessible services, protocols, and ports.
- Stateful responses to communications initiated by system components in a trusted network.
- All other traffic is denied.
Similarβ
- Sections
/frameworks/pci-dss-v4.0/01/04/02
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 1.4.2 Inbound traffic from untrusted networks to trusted networks is restricted. | 8 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 1.4.2 Inbound traffic from untrusted networks to trusted networks is restricted. | 8 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (8)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS RDS Instance is publicly accessible and in an unrestricted public subnet π’ | 1 | π’ x6 |
| π AWS RDS Snapshot is publicly accessible π’ | 1 | π’ x6 |
| π AWS S3 Bucket is not configured to block public access π’ | 1 | π’ x6 |
| π Azure Cosmos DB Account Virtual Network Filter is not enabled π’ | 1 | π’ x6 |
| π Azure Network Security Group allows unrestricted RDP access from the Internet π’ | 1 | π’ x6 |
| π Azure Network Security Group allows unrestricted SSH access from the Internet π’ | 1 | π’ x6 |
| π Azure Network Security Group allows unrestricted UDP access from the Internet π’ | 1 | π’ x6 |
| π Azure Storage Account Allow Blob Anonymous Access is set enabled π’ | 1 | π’ x6 |