πΌ 11.5.1 Intrusion-detection and/or intrusion-prevention techniques are used to detect and/or prevent intrusions into the network.
-
Contextual name: πΌ 11.5.1 Intrusion-detection and/or intrusion-prevention techniques are used to detect and/or prevent intrusions into the network.
-
ID:
/frameworks/pci-dss-v4.0.1/11/05/01 -
Located in: πΌ 11.5 Network intrusions and unexpected file changes are detected and responded to.
Descriptionβ
As follows:
- All traffic is monitored at the perimeter of the CDE.
- All traffic is monitored at critical points in the CDE.
- Personnel are alerted to suspected compromises.
- All intrusion-detection and prevention engines, baselines, and signatures are kept up to date.
Similarβ
- Sections
/frameworks/pci-dss-v4.0/11/05/01/frameworks/aws-fsbp-v1.0.0/guardduty/06/frameworks/aws-fsbp-v1.0.0/guardduty/07/frameworks/aws-fsbp-v1.0.0/guardduty/09/frameworks/aws-fsbp-v1.0.0/guardduty/10
Similar Sections (Take Policies From)β
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 11.5.1 Intrusion-detection and/or intrusion-prevention techniques are used to detect and/or prevent intrusions into the network. | 1 | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ 11.5.1.1 Intrusion-detection and/or intrusion-prevention techniques detect, alert on/prevent, and address covert malware communication channels. | 1 |
Policies (1)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS VPC Flow Logs are not enabled π’ | 1 | π x1, π’ x5 |