πΌ 11.6.1 A change- and tamper-detection mechanism is deployed.
-
Contextual name: πΌ 11.6.1 A change- and tamper-detection mechanism is deployed.
-
ID:
/frameworks/pci-dss-v4.0.1/11/06/01 -
Located in: πΌ 11.6 Unauthorized changes on payment pages are detected and responded to.
Descriptionβ
As follows:
-
To alert personnel to unauthorized modification (including indicators of compromise, changes, additions, and deletions) to the security-impacting HTTP headers and the script contents of payment pages as received by the consumer browser.
-
The mechanism is configured to evaluate the received HTTP header and payment page.
-
The mechanism functions are performed as follows:
- At least weekly.
OR
- Periodically (at the frequency defined in the entity's targeted risk analysis, which is performed according to all elements specified in Requirement 12.3.1).
Similarβ
- Sections
/frameworks/pci-dss-v4.0/11/06/01
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 11.6.1 A change- and tamper-detection mechanism is deployed. | 1 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 11.6.1 A change- and tamper-detection mechanism is deployed. | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (1)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS VPC Flow Logs are not enabled π’ | 1 | π x1, π’ x5 |