Skip to main content

💼 2.2.1 Configuration standards are developed, implemented, and maintained.

  • ID: /frameworks/pci-dss-v4.0.1/02/02/01

Stats

not available

Description

To the following:

  • Cover all system components.
  • Address all known security vulnerabilities.
  • Be consistent with industry-accepted system hardening standards or vendor hardening recommendations.
  • Be updated as new vulnerability issues are identified, as defined in Requirement 6.3.1.
  • Be applied when new systems are configured and verified as in place before or immediately after a system component is connected to a production environment.

Similar

  • Sections
    • /frameworks/pci-dss-v4.0/02/02/01
    • /frameworks/aws-fsbp-v1.0.0/ssm/02
    • /frameworks/aws-fsbp-v1.0.0/ssm/03

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SSM.2] Amazon EC2 instances managed by Systems Manager should have a patch compliance status of COMPLIANT after a patch installationno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SSM.3] Amazon EC2 instances managed by Systems Manager should have an association compliance status of COMPLIANTno data
💼 PCI DSS v4.0 → 💼 2.2.1 Configuration standards are developed, implemented, and maintained.13no data

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 PCI DSS v4.0 → 💼 2.2.1 Configuration standards are developed, implemented, and maintained.13no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (13)

PolicyLogic CountFlagsCompliance
🛡️ AWS Account Root User has active access keys🟢1🟢 x6no data
🛡️ AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check🟢1🟢 x6no data
🛡️ Google Cloud DNS Managed Zone DNSSEC is not enabled🟢1🟢 x6no data
🛡️ Google Cloud DNS Managed Zone DNSSEC Key-Signing Algorithm is RSASHA1🟢1🟢 x6no data
🛡️ Google Cloud DNS Managed Zone DNSSEC Zone-Signing Algorithm is RSASHA1🟢1🟢 x6no data
🛡️ Google Cloud MySQL Instance Local_infile Database Flag is not set to off🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance user options Database Flag is configured🟢1🟢 x6no data
🛡️ Google GKE Cluster Node Pool Auto-Repair is disabled🟢1🟢 x6no data
🛡️ Google GKE Cluster Node Pool Auto-Upgrade is disabled🟢1🟢 x6no data
🛡️ Google Project has a default network🟢1🟢 x6no data
🛡️ Google Project has a legacy network🟢1🟢 x6no data