💼 2.2.1 Configuration standards are developed, implemented, and maintained.

• Contextual name: 💼 2.2.1 Configuration standards are developed, implemented, and maintained.

• ID: /frameworks/pci-dss-v4.0/02/02/01

• Located in: 💼 2.2 System components are configured and managed securely.

Description

To the following:

• Cover all system components.
• Address all known security vulnerabilities.
• Be consistent with industry-accepted system hardening standards or vendor hardening recommendations.
• Be updated as new vulnerability issues are identified, as defined in Requirement 6.3.1.
• Be applied when new systems are configured and verified as in place before or immediately after a system component is connected to a production environment.

Similar

• Sections
  • /frameworks/pci-dss-v3.2.1/02/02
  • /frameworks/pci-dss-v4.0.1/02/02/01

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 2.2 Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards.	5	3	6
💼 PCI DSS v4.0.1 → 💼 2.2.1 Configuration standards are developed, implemented, and maintained.			2

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 2.2 Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards.	5	3	6
💼 PCI DSS v4.0.1 → 💼 2.2.1 Configuration standards are developed, implemented, and maintained.			2

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (2)

Policy	Logic Count	Flags
📝 AWS Account Root User has active access keys 🟢	1	🟢 x6
📝 AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check 🟢	1	🟢 x6