Skip to main content

💼 7.3.1 An access control system(s) is in place that restricts access based on a user's need to know and covers all system components.

Contextual name: 💼 7.3.1 An access control system(s) is in place that restricts access based on a user's need to know and covers all system components.
ID: /frameworks/pci-dss-v4.0/07/03/01
Located in: 💼 7.3 Access to system components and data is managed via an access control system(s).

Description

Empty...

Similar

Sections
- /frameworks/pci-dss-v3.2.1/07/02/01
- /frameworks/pci-dss-v4.0.1/07/03/01
Internal
- ID: dec-c-5fc5fdb4

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 7.2.1 Coverage of all system components.			7
💼 PCI DSS v4.0.1 → 💼 7.3.1 An access control system(s) is in place that restricts access based on a user's need to know and covers all system components.			7

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 7.2.1 Coverage of all system components.			7
💼 PCI DSS v4.0.1 → 💼 7.3.1 An access control system(s) is in place that restricts access based on a user's need to know and covers all system components.			7

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (7)

Policy	Logic Count	Flags
📝 AWS Account Root User has active access keys 🟢	1	🟢 x6
📝 AWS EBS Snapshot is publicly accessible 🟢	1	🟢 x6
📝 AWS IAM Policy allows full administrative privileges 🟢	1	🟢 x6
📝 AWS IAM User has inline or directly attached policies 🟢	1	🟠 x1, 🟢 x5
📝 AWS RDS Instance is publicly accessible and in an unrestricted public subnet 🟢	1	🟢 x6
📝 AWS RDS Snapshot is publicly accessible 🟢	1	🟢 x6
📝 Google IAM Users are assigned the Service Account User or Service Account Token Creator roles at Project level 🟢	1	🟢 x6

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (7)