PCI-2.2.3:: Difference between revisions
Jump to navigation
Jump to search
(New page: <blockquote style="background: #C8CDC7; padding: 1em; margin-left: 0.5em;"> <br> ::'''Examine the organization’s system configuration standards for network components and critical server...) |
No edit summary |
||
| Line 3: | Line 3: | ||
::'''Examine the organization’s system configuration standards for network components and critical servers, including any wireless access points, and verify each item below is included in the standard. Additionally determine that each item below is part of the process when new systems are configured.'''<br> | ::'''Examine the organization’s system configuration standards for network components and critical servers, including any wireless access points, and verify each item below is included in the standard. Additionally determine that each item below is part of the process when new systems are configured.'''<br> | ||
<br> | <br> | ||
:::'''PCI-2.2.3:''' Inquire of system administrators and or security managers to determine that they have knowledge of common security parameter settings for their operating systems, database servers, Web servers, and wireless systems.<br> | :::'''PCI-2.2.3 A:''' Inquire of system administrators and or security managers to determine that they have knowledge of common security parameter settings for their operating systems, database servers, Web servers, and wireless systems.<br> | ||
<br> | <br> | ||
:::Verify that common security parameter settings are included in the system configuration standards.<br> | :::'''PCI-2.2.3 B:''' Verify that common security parameter settings are included in the system configuration standards.<br> | ||
<br> | <br> | ||
:::Select a sample of (insert number and or description of sample) from all system components the samples of databases and critical servers (including wireless), and verify that common security parameters are set appropriately.<br> | :::'''PCI-2.2.3 C:''' Select a sample of (insert number and or description of sample) from all system components the samples of databases and critical servers (including wireless), and verify that common security parameters are set appropriately.<br> | ||
<br> | <br> | ||
</blockquote> | </blockquote> | ||
| Line 65: | Line 65: | ||
<br> | <br> | ||
--[[User:Mdpeters|Mdpeters]] 08: | --[[User:Mdpeters|Mdpeters]] 08:52, 28 February 2007 (EST) | ||
Latest revision as of 13:52, 28 February 2007
- Examine the organization’s system configuration standards for network components and critical servers, including any wireless access points, and verify each item below is included in the standard. Additionally determine that each item below is part of the process when new systems are configured.
- PCI-2.2.3 A: Inquire of system administrators and or security managers to determine that they have knowledge of common security parameter settings for their operating systems, database servers, Web servers, and wireless systems.
- PCI-2.2.3 B: Verify that common security parameter settings are included in the system configuration standards.
- PCI-2.2.3 C: Select a sample of (insert number and or description of sample) from all system components the samples of databases and critical servers (including wireless), and verify that common security parameters are set appropriately.
Testing Procedures
Insert testing guidance here.
Testing Frequency
Describe testing frequency here.
Evidence Archive Location
Insert hyperlink or location of evidence archive.
Control Stewards Process Narrative
Provide control steward commentary indicating the formal methodology in place.
Control Steward – Jon Doe
Process Illustration
Replace this test by inserting a process diagram, flowchart or other visual representation to illustrate the process narrative as necessary. Include a brief description of the process illustration.
Control Status and Auditors Commentary
The control is effective.
File:Greenlock.jpg
Status is acceptable.
Control Exception Commentary
Status is acceptable.
Remediation Plan
Remediation is not required at this time.
--Mdpeters 08:52, 28 February 2007 (EST)