Skip to main content

πŸ’Ό 1.2.5 All services, protocols, and ports allowed are identified, approved, and have a defined business need.

Description​

Empty...

Similar​

  • Sections
    • /frameworks/pci-dss-v3.2.1/01/01/06
    • /frameworks/pci-dss-v4.0.1/01/02/05
  • Internal
    • ID: dec-c-66dcb8df

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 1.1.6 Documentation of business justification and approval for use of all services, protocols, and ports allowed, including documentation of security features implemented for those protocols considered to be insecure.127
πŸ’Ό PCI DSS v4.0.1 β†’ πŸ’Ό 1.2.5 All services, protocols, and ports allowed are identified, approved, and have a defined business need.27

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 1.1.6 Documentation of business justification and approval for use of all services, protocols, and ports allowed, including documentation of security features implemented for those protocols considered to be insecure.127
πŸ’Ό PCI DSS v4.0.1 β†’ πŸ’Ό 1.2.5 All services, protocols, and ports allowed are identified, approved, and have a defined business need.27

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (27)​

PolicyLogic CountFlags
πŸ“ AWS CloudFront Web Distribution uses outdated SSL protocols with Custom Origins 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted CIFS traffic 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted DNS traffic 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted FTP traffic 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted ICMP traffic 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted NetBIOS traffic 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted RPC traffic 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted SMTP traffic 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted traffic to MongoDB 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted traffic to MSSQL 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted traffic to MySQL 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted traffic to Oracle DBMS 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows unrestricted traffic to PostgreSQL 🟒1🟒 x6
πŸ“ Azure Network Security Group allows public access to HTTP(S) ports 🟒1🟒 x6
πŸ“ Google Cloud DNS Managed Zone DNSSEC is not enabled 🟒1🟒 x6
πŸ“ Google Cloud DNS Managed Zone DNSSEC Key-Signing Algorithm is RSASHA1 🟒1🟒 x6
πŸ“ Google Cloud DNS Managed Zone DNSSEC Zone-Signing Algorithm is RSASHA1 🟒1🟒 x6
πŸ“ Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on 🟒1🟒 x6
πŸ“ Google Cloud SQL Server Instance external scripts enabled Database Flag is not set to off 🟒1🟒 x6
πŸ“ Google Cloud SQL Server Instance remote access Database Flag is not set to off 🟒1🟒 x6
πŸ“ Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value 🟒1🟒 x6
πŸ“ Google Cloud SQL Server Instance user options Database Flag is configured 🟒1🟒 x6
πŸ“ Google GCE Instance Enable Connecting to Serial Ports is not disabled 🟒1🟒 x6
πŸ“ Google Project has a default network 🟒1🟒 x6
πŸ“ Google Project has a legacy network 🟒1🟒 x6

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-3e379c671
βœ‰οΈ dec-x-6eab9b881
βœ‰οΈ dec-x-11c3009f1
βœ‰οΈ dec-x-14bf01f31
βœ‰οΈ dec-x-42a090841
βœ‰οΈ dec-x-293ab45b1
βœ‰οΈ dec-x-66358b451
βœ‰οΈ dec-x-637372481
βœ‰οΈ dec-x-bcae85fb2
βœ‰οΈ dec-x-ca1c0c0d1
βœ‰οΈ dec-x-f4cc003a1
βœ‰οΈ dec-x-f12d78aa1
βœ‰οΈ dec-z-c82c9f971
βœ‰οΈ dec-z-dbeeed9f1
βœ‰οΈ dec-z-f778950c1