πΌ 2.2.1 Configuration standards are developed, implemented, and maintained.
-
Contextual name: πΌ 2.2.1 Configuration standards are developed, implemented, and maintained.
-
ID:
/frameworks/pci-dss-v4.0/02/02/01 -
Located in: πΌ 2.2 System components are configured and managed securely.
Descriptionβ
To the following:
- Cover all system components.
- Address all known security vulnerabilities.
- Be consistent with industry-accepted system hardening standards or vendor hardening recommendations.
- Be updated as new vulnerability issues are identified, as defined in Requirement 6.3.1.
- Be applied when new systems are configured and verified as in place before or immediately after a system component is connected to a production environment.
Similarβ
- Sections
/frameworks/pci-dss-v3.2.1/02/02/frameworks/pci-dss-v4.0.1/02/02/01
- Internal
- ID:
dec-c-db6b45bb
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 2.2 Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards. | 5 | 3 | 30 | |
| πΌ PCI DSS v4.0.1 β πΌ 2.2.1 Configuration standards are developed, implemented, and maintained. | 11 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 2.2 Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards. | 5 | 3 | 30 | |
| πΌ PCI DSS v4.0.1 β πΌ 2.2.1 Configuration standards are developed, implemented, and maintained. | 11 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (11)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account Root User has active access keys π’ | 1 | π’ x6 |
| π AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check π’ | 1 | π’ x6 |
| π Google Cloud DNS Managed Zone DNSSEC is not enabled π’ | 1 | π’ x6 |
| π Google Cloud DNS Managed Zone DNSSEC Key-Signing Algorithm is RSASHA1 π’ | 1 | π’ x6 |
| π Google Cloud DNS Managed Zone DNSSEC Zone-Signing Algorithm is RSASHA1 π’ | 1 | π’ x6 |
| π Google Cloud MySQL Instance Local_infile Database Flag is not set to off π’ | 1 | π’ x6 |
| π Google Cloud SQL Server Instance 3625 (trace flag) Database Flag is not set to on π’ | 1 | π’ x6 |
| π Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value π’ | 1 | π’ x6 |
| π Google Cloud SQL Server Instance user options Database Flag is configured π’ | 1 | π’ x6 |
| π Google Project has a default network π’ | 1 | π’ x6 |
| π Google Project has a legacy network π’ | 1 | π’ x6 |