Skip to main content

💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.

Contextual name: 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.
ID: /frameworks/pci-dss-v4.0.1/10/02/01
Located in: 💼 10.2 Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.

Description

Empty...

Similar

Sections
- /frameworks/pci-dss-v4.0/10/02/01
- /frameworks/aws-fsbp-v1.0.0/ec2/51
- /frameworks/aws-fsbp-v1.0.0/eks/08
- /frameworks/aws-fsbp-v1.0.0/opensearch/05
- /frameworks/aws-fsbp-v1.0.0/rds/09
- /frameworks/aws-fsbp-v1.0.0/rds/34
- /frameworks/aws-fsbp-v1.0.0/redshift/04
- /frameworks/aws-fsbp-v1.0.0/s3/09

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.51] EC2 Client VPN endpoints should have client connection logging enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EKS.8] EKS clusters should have audit logging enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.5] OpenSearch domains should have audit logging enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.9] RDS DB instances should publish logs to CloudWatch Logs
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.34] Aurora MySQL DB clusters should publish audit logs to CloudWatch Logs
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.4] Amazon Redshift clusters should have audit logging enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.9] S3 general purpose buckets should have server access logging enabled		1	2
💼 PCI DSS v4.0 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.	7		8

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.	7		8

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 10.2.1.1 Audit logs capture all individual user access to cardholder data.			4
💼 10.2.1.2 Audit logs capture all actions taken by any individual with administrative access, including any interactive use of application or system accounts.
💼 10.2.1.3 Audit logs capture all access to audit logs.			1
💼 10.2.1.4 Audit logs capture all invalid logical access attempts.			4
💼 10.2.1.5 Audit logs capture all changes to identification and authentication credentials.			1
💼 10.2.1.6 Audit logs capture all initialization of new audit logs, starting, stopping, or pausing of the existing audit logs.
💼 10.2.1.7 Audit logs capture all creation and deletion of system-level objects.

Policies (2)

Policy	Logic Count	Flags
📝 AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟢	1	🟢 x6
📝 AWS S3 Bucket Server Access Logging is not enabled 🟢	1	🟢 x6

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (2)