πΌ 11.6.1 A change- and tamper-detection mechanism is deployed.
-
Contextual name: πΌ 11.6.1 A change- and tamper-detection mechanism is deployed.
-
ID:
/frameworks/pci-dss-v4.0/11/06/01 -
Located in: πΌ 11.6 Unauthorized changes on payment pages are detected and responded to.
Descriptionβ
As follows:
-
To alert personnel to unauthorized modification (including indicators of compromise, changes, additions, and deletions) to the HTTP headers and the contents of payment pages as received by the consumer browser.
-
The mechanism is configured to evaluate the received HTTP header and payment page.
-
The mechanism functions are performed as follows:
- At least once every seven days
OR
- Periodically (at the frequency defined in the entity's targeted risk analysis, which is performed according to all elements specified in Requirement 12.3.1).
Similarβ
- Sections
/frameworks/pci-dss-v3.2.1/11/04/frameworks/pci-dss-v4.0.1/11/06/01
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 11.4 Use intrusion-detection and/or intrusion-prevention techniques to detect and/or prevent intrusions into the network. | 1 | 1 | ||
| πΌ PCI DSS v4.0.1 β πΌ 11.6.1 A change- and tamper-detection mechanism is deployed. | 1 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 11.4 Use intrusion-detection and/or intrusion-prevention techniques to detect and/or prevent intrusions into the network. | 1 | 1 | ||
| πΌ PCI DSS v4.0.1 β πΌ 11.6.1 A change- and tamper-detection mechanism is deployed. | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (1)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS VPC Flow Logs are not enabled π’ | 1 | π x1, π’ x5 |