Skip to main content

💼 2.2.6 System security parameters are configured to prevent misuse.

  • ID: /frameworks/pci-dss-v4.0.1/02/02/06

Stats

not available

Description

Empty...

Similar

  • Sections
    • /frameworks/pci-dss-v4.0/02/02/06
    • /frameworks/aws-fsbp-v1.0.0/auto-scaling/03
    • /frameworks/aws-fsbp-v1.0.0/cloudfront/01
    • /frameworks/aws-fsbp-v1.0.0/cloudfront/12
    • /frameworks/aws-fsbp-v1.0.0/ec2/08
    • /frameworks/aws-fsbp-v1.0.0/ec2/170

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [AutoScaling.3] Auto Scaling group launch configurations should configure EC2 instances to require Instance Metadata Service Version 2 (IMDSv2)11no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudFront.1] CloudFront distributions should have a default root object configured11no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudFront.12] CloudFront distributions should not point to non-existent S3 originsno data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.8] EC2 instances should use Instance Metadata Service Version 2 (IMDSv2)11no data
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.170] EC2 launch templates should use Instance Metadata Service Version 2 (IMDSv2)1no data
💼 PCI DSS v4.0 → 💼 2.2.6 System security parameters are configured to prevent misuse.1217no data

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 PCI DSS v4.0 → 💼 2.2.6 System security parameters are configured to prevent misuse.1217no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (17)

PolicyLogic CountFlagsCompliance
🛡️ AWS CloudFront Web Distribution Default Root Object is not configured🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution uses outdated SSL protocols with Custom Origins🟢1🟢 x6no data
🛡️ AWS DMS Endpoint doesn't use SSL🟢1🟢 x6no data
🛡️ AWS EC2 Auto Scaling Group Launch Template is not configured to require IMDSv2🟢1🟢 x6no data
🛡️ AWS EC2 Instance IMDSv2 is not enabled🟢1🟢 x6no data
🛡️ AWS EC2 Launch Template Latest Version is not configured to require IMDSv2🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted CIFS traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted FTP traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted NetBIOS traffic🟢1🟢 x6no data
🛡️ AWS EC2 Security Group allows unrestricted RPC traffic🟢1🟢 x6no data
🛡️ AWS S3 Bucket Policy is not set to deny HTTP requests🟢1🟢 x6no data
🛡️ Azure App Service FTP deployments are not disabled🟢1🟢 x6no data
🛡️ Azure App Service HTTPS Only configuration is not enabled🟢1🟢 x6no data
🛡️ Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure Network Security Group allows public access to HTTP(S) ports🟢1🟢 x6no data
🛡️ Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON🟢1🟢 x6no data
🛡️ Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled🟢1🟢 x6no data