Guide to the Secure Configuration of Red Hat Enterprise Linux 7 (PCI-DSS centric)

The SCAP Security Guide Project
https://www.open-scap.org/security-policies/scap-security-guide
This guide presents a catalog of security-relevant configuration settings for Red Hat Enterprise Linux 7. It is a rendering of content structured in the eXtensible Configuration Checklist Description Format (XCCDF) in order to support security automation. The SCAP content is is available in the scap-security-guide package which is developed at https://www.open-scap.org/security-policies/scap-security-guide.

Providing system administrators with such guidance informs them how to securely configure systems under their control in a variety of network roles. Policy makers and baseline creators can use this catalog of settings, with its associated references to higher-level security control catalogs, in order to assist them in security baseline creation. This guide is a catalog, not a checklist, and satisfaction of every item is not likely to be possible or sensible in many operational scenarios. However, the XCCDF format enables granular selection and adjustment of settings, and their association with OVAL and OCIL content provides an automated checking capability. Transformations of this document, and its associated automated checking content, are capable of providing baselines that meet a diverse set of policy objectives. Some example XCCDF Profiles, which are selections of items that form checklists and can be used as baselines, are available with this guide. They can be processed, in an automated fashion, with tools that support the Security Content Automation Protocol (SCAP). The DISA STIG, which provides required settings for US Department of Defense systems, is one example of a baseline created from this guidance.

This benchmark is a direct port of a SCAP Security Guide benchmark developed for Red Hat Enterprise Linux. It has been modified through an automated process to remove specific dependencies on Red Hat Enterprise Linux and to function with CentOS. The result is a generally useful SCAP Security Guide benchmark with the following caveats:

  • CentOS is not an exact copy of Red Hat Enterprise Linux. There may be configuration differences that produce false positives and/or false negatives. If this occurs please file a bug report.
  • CentOS has its own build system, compiler options, patchsets, and is a community supported, non-commercial operating system. CentOS does not inherit certifications or evaluations from Red Hat Enterprise Linux. As such, some configuration rules (such as those requiring FIPS 140-2 encryption) will continue to fail on CentOS.

Members of the CentOS community are invited to participate in OpenSCAP and SCAP Security Guide development. Bug reports and patches can be sent to GitHub: https://github.com/OpenSCAP/scap-security-guide. The mailing list is at https://fedorahosted.org/mailman/listinfo/scap-security-guide.

Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. The creators of this guidance assume no responsibility whatsoever for its use by other parties, and makes no guarantees, expressed or implied, about its quality, reliability, or any other characteristic.

Profile Information

Profile ID(default)

CPE Platforms

  • cpe:/o:redhat:enterprise_linux:7
  • cpe:/o:centos:centos:7
  • cpe:/o:redhat:enterprise_linux:7::server
  • cpe:/o:redhat:enterprise_linux:7::client
  • cpe:/o:redhat:enterprise_linux:7::computenode
  • cpe:/o:redhat:enterprise_linux:7::workstation

Revision History

Current version: 0.1.56

  • draft (as of 2021-05-26)

Table of Contents

  1. 2.
    1. 2.1
    2. 2.2
    3. 2.3
    4. 2.4
    5. 2.5
    6. 2.6
  2. 3.
    1. 3.1
    2. 3.2
    3. 3.3
    4. 3.4
    5. 3.5
    6. 3.6
    7. 3.7
  3. 4.
    1. 4.1
    2. 4.2
    3. 4.3
  4. 5.
    1. 5.1
    2. 5.2
    3. 5.3
    4. 5.4
  5. 6.
    1. 6.1
    2. 6.2
    3. 6.3
    4. 6.4
    5. 6.5
    6. 6.6
    7. 6.7
  6. 7.
    1. 7.1
    2. 7.2
    3. 7.3
  7. 8.
    1. 8.1
    2. 8.2
    3. 8.3
    4. 8.4
    5. 8.5
    6. 8.6
    7. 8.7
    8. 8.8
  8. 10.
    1. 10.1
    2. 10.2
    3. 10.3
    4. 10.4
    5. 10.5
    6. 10.6
    7. 10.7
    8. 10.8
  9. 11.
    1. 11.1
    2. 11.2
    3. 11.3
    4. 11.4
    5. 11.5
    6. 11.6
  10. Values
  11. Non PCI-DSS

Checklist

Group   Guide to the Secure Configuration of Red Hat Enterprise Linux 7 (PCI-DSS centric)
Group   2.
[ref]   Do not use vendor-supplied defaults for system passwords and other
Group   2.1
[ref]   Always change vendor-supplied
Group   2.1.1
[ref]   For wireless environments
Group   2.1.1.a
[ref]   Interview responsible personnel and examine
Group   2.1.1.b
[ref]   Interview personnel and examine policies and
Group   2.1.1.c
[ref]   Examine vendor documentation and login to
Group   2.1.1.d
[ref]   Examine vendor documentation and observe
Group   2.1.1.e
[ref]   Examine vendor documentation and observe
Group   2.1.a
[ref]   Choose a sample of system components, and attempt
Group   2.1.b
[ref]   For the sample of system components, verify that all
Group   2.1.c
[ref]   Interview personnel and examine supporting
Group   2.2
[ref]   Develop configuration standards for
Group   2.2.1
[ref]   Implement only one primary
Group   2.2.1.a
[ref]   Select a sample of system components and
Group   2.2.1.b
[ref]   If virtualization technologies are used, inspect the
Group   2.2.2
[ref]   Enable only necessary services,
Group   2.2.2.a
[ref]   Select a sample of system components and
Group   2.2.2.b
[ref]   Identify any enabled insecure services, daemons,
Group   2.2.3
[ref]   Implement additional security
Group   2.2.3.a
[ref]   Inspect configuration settings to verify that security
Group   2.2.4
[ref]   Configure system security
Group   2.2.4.a
[ref]   Interview system administrators and/or security
Group   2.2.4.b
[ref]   Examine the system configuration standards to
Group   2.2.4.c
[ref]   Select a sample of system components and
Group   2.2.5
[ref]   Remove all unnecessary
Group   2.2.5.a
[ref]   Select a sample of system components and
Group   2.2.5.b
[ref]   . Examine the documentation and security
Group   2.2.5.c
[ref]   . Examine the documentation and security
Group   2.2.a
[ref]  
Group   2.2.b
[ref]   Examine policies and interview personnel to
Group   2.2.c
[ref]   Examine policies and interview personnel to
Group   2.2.d
[ref]   Verify that system configuration standards include the
Group   2.3
[ref]   Encrypt all non-console
Group   2.3.a
[ref]   Observe an administrator log on to each system and
Group   2.3.b
[ref]   Review services and parameter files on systems to
Group   2.3.c
[ref]   Observe an administrator log on to each system to
Group   2.3.d
[ref]   Examine vendor documentation and interview
Group   2.4
[ref]   Maintain an inventory of system
Group   2.4.a
[ref]   Examine system inventory to verify that a list of
Group   2.4.b
[ref]   Interview personnel to verify the documented inventory
Group   2.5
[ref]   Ensure that security policies and
Group   2.6
[ref]   Shared hosting providers must
Group   3.
[ref]   Protect stored cardholder data
Group   3.1
[ref]   Keep cardholder data storage to a
Group   3.1.a
[ref]   Examine the data retention and disposal policies,
Group   3.1.b
[ref]   Interview personnel to verify that:
Group   3.1.c
[ref]   For a sample of system components that store cardholder
Group   3.2
[ref]   Do not store sensitive authentication
Group   3.2.1
[ref]   Do not store the full contents of
Group   3.2.2
[ref]   Do not store the card verification
Group   3.2.3
[ref]   Do not store the personal
Group   3.2.a
[ref]   For issuers and/or companies that support issuing
Group   3.2.b
[ref]   For issuers and/or companies that support issuing
Group   3.2.c
[ref]   For all other entities, if sensitive authentication data is
Group   3.2.d
[ref]   For all other entities, if sensitive authentication data is
Group   3.3
[ref]   Mask PAN when displayed (the first
Group   3.3.a
[ref]   Examine written policies and procedures for masking the
Group   3.3.b
[ref]   Examine system configurations to verify that full PAN is
Group   3.3.c
[ref]   Examine displays of PAN (for example, on screen, on
Group   3.4
[ref]   Render PAN unreadable anywhere it
Group   3.4.1
[ref]   If disk encryption is used (rather
Group   3.4.1.a
[ref]   If disk encryption is used, inspect the configuration
Group   3.4.1.b
[ref]   Observe processes and interview personnel to verify
Group   3.4.1.c
[ref]   Examine the configurations and observe the
Group   3.4.a
[ref]   Examine documentation about the system used to protect
Group   3.4.b
[ref]   Examine several tables or files from a sample of data
Group   3.4.c
[ref]   Examine a sample of removable media (for example,
Group   3.4.d
[ref]   Examine a sample of audit logs to confirm that the PAN is
Group   3.4.e
[ref]   If
Group   3.5
[ref]   Document and implement
Group   3.5.1
[ref]   Restrict access to cryptographic
Group   3.5.2
[ref]   Store secret and private keys
Group   3.5.2.a
[ref]   Examine documented procedures to verify that
Group   3.5.2.b
[ref]   Examine system configurations and key storage
Group   3.5.2.c
[ref]   Wherever key-encrypting keys are used, examine
Group   3.5.3
[ref]   Store cryptographic keys in the
Group   3.6
[ref]   Fully document and implement all
Group   3.6.1
[ref]   Generation of strong
Group   3.6.1.a
[ref]   Verify that key-management procedures specify how
Group   3.6.1.b
[ref]   Observe the method for generating keys to verify that
Group   3.6.2
[ref]   Secure cryptographic key
Group   3.6.2.a
[ref]   Verify that key-management procedures specify how
Group   3.6.2.b
[ref]   Observe the method for distributing keys to verify that
Group   3.6.3
[ref]   Secure cryptographic key storage
Group   3.6.3.a
[ref]   Verify that key-management procedures specify how
Group   3.6.3.b
[ref]   Observe the method for storing keys to verify that
Group   3.6.4
[ref]   Cryptographic key changes for
Group   3.6.4.a
[ref]   Verify that key-management procedures include a
Group   3.6.4.b
[ref]   Interview personnel to verify that keys are changed at
Group   3.6.5
[ref]   Retirement or replacement (for
Group   3.6.5.a
[ref]   Verify that key-management procedures specify
Group   3.6.5.b
[ref]   Interview personnel to verify the following processes
Group   3.6.6
[ref]   If manual clear-text cryptographic
Group   3.6.6.a
[ref]   Verify that manual clear-text key-management
Group   3.6.7
[ref]   Prevention of unauthorized
Group   3.6.7.a
[ref]   Verify that key-management procedures specify
Group   3.6.7.b
[ref]   Interview personnel and/or observe processes to
Group   3.6.8
[ref]   Requirement for cryptographic
Group   3.6.8.a
[ref]   Verify that key-management procedures specify
Group   3.6.8.b
[ref]   Observe documentation or other evidence showing
Group   3.6.b
[ref]   Examine the key-management procedures and processes
Group   3.7
[ref]   Ensure that security policies and
Group   4.
[ref]   Encrypt transmission of cardholder data across open, public networks
Group   4.1
[ref]   Use strong cryptography and security
Group   4.1.1
[ref]   Ensure wireless networks transmitting
Group   4.1.a
[ref]   Identify all locations where cardholder data is
Group   4.1.b
[ref]   Review documented policies and procedures to verify
Group   4.1.c
[ref]   Select and observe a sample of inbound and outbound
Group   4.1.d
[ref]   Examine keys and certificates to verify that only
Group   4.1.e
[ref]   Examine system configurations to verify that the
Group   4.1.f
[ref]   Examine system configurations to verify that the proper
Group   4.1.g
[ref]   For TLS implementations, examine system
Group   4.2
[ref]   Never send unprotected PANs by end-
Group   4.2.a
[ref]   If end-user messaging technologies are used to send
Group   4.2.b
[ref]   Review written policies to verify the existence of a
Group   4.3
[ref]   Ensure that security policies and
Group   5.
[ref]   Protect all systems against malware and regularly update anti-virus
Group   5.1
[ref]   Deploy anti-virus software on all
Group   5.1.1
[ref]   Ensure that anti-virus programs
Group   5.1.2
[ref]   For systems considered to be not
Group   5.2
[ref]   Ensure that all anti-virus mechanisms
Group   5.2.a
[ref]   Examine policies and procedures to verify that anti-virus
Group   5.2.b
[ref]   Examine anti-virus configurations, including the master
Group   5.2.c
[ref]   Examine a sample of system components, including all
Group   5.2.d
[ref]   Examine anti-virus configurations, including the master
Group   5.3
[ref]   Ensure that anti-virus mechanisms
Group   5.3.a
[ref]   Examine anti-virus configurations, including the master
Group   5.3.b
[ref]   Examine anti-virus configurations, including the master
Group   5.3.c
[ref]   Interview responsible personnel and observe processes to
Group   5.4
[ref]   Ensure that security policies and
Group   6.
[ref]   Develop and maintain secure systems and applications
Group   6.1
[ref]   Establish a process to identify security
Group   6.1.a
[ref]   Examine policies and procedures to verify that
Group   6.1.b
[ref]   Interview responsible personnel and observe
Group   6.2
[ref]   Ensure that all system components and
Group   6.2.a
[ref]   Examine policies and procedures related to security-
Group   6.2.b
[ref]   For a sample of system components and related
Group   6.3
[ref]   Develop internal and external software
Group   6.3.1
[ref]   Remove development, test and/or
Group   6.3.2
[ref]   Review custom code prior to release
Group   6.3.2.a
[ref]   Examine written software-development procedures
Group   6.3.2.b
[ref]   Select a sample of recent custom application
Group   6.3.a
[ref]   Examine written software-development processes to
Group   6.3.b
[ref]   Examine written software-development processes to
Group   6.3.c
[ref]   Examine written software-development processes to
Group   6.3.d
[ref]   Interview software developers to verify that written
Group   6.4
[ref]   Follow change control processes and
Group   6.4.1
[ref]   Separate development/test
Group   6.4.1.a
[ref]   Examine network documentation and network
Group   6.4.1.b
[ref]   Examine access controls settings to verify that
Group   6.4.2
[ref]   Separation of duties between
Group   6.4.3
[ref]   Production data (live PANs) are not
Group   6.4.3.a
[ref]   Observe testing processes and interview
Group   6.4.3.b
[ref]   Examine a sample of test data to verify production
Group   6.4.4
[ref]   Removal of test data and accounts
Group   6.4.4.a
[ref]   Observe testing processes and interview
Group   6.4.4.b
[ref]   Examine a sample of data and accounts from
Group   6.4.5
[ref]   Change control procedures for the
Group   6.4.5.a
[ref]   Examine documented change control procedures
Group   6.4.5.b
[ref]   For a sample of system components, interview
Group   6.5
[ref]   Address common coding vulnerabilities in
Group   6.5.1
[ref]   Injection flaws, particularly SQL
Group   6.5.10
[ref]   Broken authentication and session
Group   6.5.2
[ref]   Buffer overflows
Group   6.5.3
[ref]   Insecure cryptographic storage
Group   6.5.4
[ref]   Insecure communications
Group   6.5.5
[ref]   Improper error handling
Group   6.5.6
[ref]   Examine software-development policies and
Group   6.5.7
[ref]   Cross-site scripting (XSS)
Group   6.5.8
[ref]   Improper access control (such as
Group   6.5.9
[ref]   Cross-site request forgery (CSRF)
Group   6.5.a
[ref]   Examine software-development policies and
Group   6.5.b
[ref]   Interview a sample of developers to verify that they are
Group   6.5.c
[ref]   Examine records of training to verify that software
Group   6.6
[ref]   For public-facing web applications,
Group   6.7
[ref]   Ensure that security policies and
Group   7.
[ref]   Restrict access to cardholder data by business need to know
Group   7.1
[ref]   Limit access to system
Group   7.1.1
[ref]   Define access needs for
Group   7.1.2
[ref]   Restrict access to privileged
Group   7.1.2.a
[ref]   Interview personnel responsible for assigning access to
Group   7.1.2.b
[ref]   Select a sample of user IDs with privileged access and
Group   7.1.3
[ref]   Assign access based on
Group   7.1.4
[ref]   Require documented
Group   7.2
[ref]   Establish an access control
Group   7.2.1
[ref]   Coverage of all system
Group   7.2.2
[ref]   Assignment of privileges to
Group   7.2.3
[ref]  
Group   7.3
[ref]   Ensure that security policies and
Group   8.
[ref]   Identify and authenticate access to system components
Group   8.1
[ref]   Define and implement policies and
Group   8.1.1
[ref]   Assign all users a unique ID
Group   8.1.2
[ref]   Control addition, deletion, and
Group   8.1.3
[ref]   Immediately revoke access for
Group   8.1.3.a
[ref]   Select a sample of users terminated in the past six
Group   8.1.3.b
[ref]   Verify all physical authentication methods
Group   8.1.4
[ref]   Remove/disable inactive user
Group   8.1.5
[ref]   Manage IDs used by vendors to
Group   8.1.5.a
[ref]   Interview personnel and observe processes for
Group   8.1.5.b
[ref]   Interview personnel and observe processes to verify
Group   8.1.6
[ref]   Limit repeated access attempts
Group   8.1.6.a
[ref]   For a sample of system components, inspect system
Group   8.1.6.b
[ref]  
Group   8.1.7
[ref]   Set the lockout duration to a
Group   8.1.8
[ref]   If a session has been idle for
Group   8.1.a
[ref]   Review procedures and confirm they define processes for
Group   8.1.b
[ref]   Verify that procedures are implemented for user
Group   8.2
[ref]   In addition to assigning a unique ID,
Group   8.2.1
[ref]   Using strong cryptography,
Group   8.2.1.a
[ref]   Examine vendor documentation and system
Group   8.2.1.b
[ref]   For a sample of system components, examine
Group   8.2.1.c
[ref]   For a sample of system components, examine data
Group   8.2.1.d
[ref]  
Group   8.2.2
[ref]   Verify user identity before
Group   8.2.3
[ref]   Passwords/phrases must meet
Group   8.2.3.a
[ref]   For a sample of system components, inspect system
Group   8.2.3.b
[ref]  
Group   8.2.4
[ref]   Change user
Group   8.2.4.a
[ref]   For a sample of system components, inspect system
Group   8.2.4.b
[ref]  
Group   8.2.5
[ref]   Do not allow an individual to
Group   8.2.5.a
[ref]   For a sample of system components, obtain and
Group   8.2.5.b
[ref]  
Group   8.2.6
[ref]   Set passwords/phrases for first-
Group   8.3
[ref]   Incorporate two-factor authentication
Group   8.3.a
[ref]   Examine system configurations for remote access servers
Group   8.3.b
[ref]   Observe a sample of personnel (for example, users and
Group   8.4
[ref]   Document and communicate
Group   8.4.a
[ref]   Examine
Group   8.4.b
[ref]   Review authentication policies and procedures that are
Group   8.4.c
[ref]   Interview a sample of users to verify that they are familiar
Group   8.5
[ref]   Do not use group, shared, or generic
Group   8.5.1
[ref]  
Group   8.5.a
[ref]   For a sample of system components, examine user ID lists
Group   8.5.b
[ref]   Examine authentication policies and procedures to verify
Group   8.5.c
[ref]   Interview system administrators to verify that group and
Group   8.6
[ref]   Where other authentication
Group   8.6.a
[ref]   Examine authentication policies and procedures to verify
Group   8.6.b
[ref]   Interview security personnel to verify authentication
Group   8.6.c
[ref]   Examine system configuration settings and/or physical
Group   8.7
[ref]   All access to any database
Group   8.7.a
[ref]   Review database and application configuration settings
Group   8.7.b
[ref]   Examine database and application configuration settings to
Group   8.7.c
[ref]   Examine database access control settings and database
Group   8.7.d
[ref]   Examine database access control settings, database
Group   8.8
[ref]   Ensure that security policies and
Group   10.
[ref]   Track and monitor all access to network resources and cardholder data
Group   10.1
[ref]   Implement audit trails to link all
Group   10.2
[ref]   Implement automated audit trails for
Group   10.2.1
[ref]   All individual user accesses to
Group   10.2.2
[ref]   All actions taken by any
Group   10.2.3
[ref]   Access to all audit trails
Group   10.2.4
[ref]   Invalid logical access attempts
Group   10.2.5
[ref]   Use of and changes to
Group   10.2.5.a
[ref]   Verify use of identification and authentication
Group   10.2.5.b
[ref]   Verify all elevation of privileges is logged.
Group   10.2.5.c
[ref]   Verify all changes, additions, or deletions to any account
Group   10.2.6
[ref]   Initialization, stopping, or
Group   10.2.7
[ref]   Creation and deletion of system-
Group   10.3
[ref]   Record at least the following audit
Group   10.3.1
[ref]   User identification
Group   10.3.2
[ref]   Type of event
Group   10.3.3
[ref]   Date and time
Group   10.3.4
[ref]   Success or failure indication
Group   10.3.5
[ref]   Origination of event
Group   10.3.6
[ref]   Identity or name of affected
Group   10.4
[ref]   Using time-synchronization
Group   10.4.1
[ref]   Critical systems have the
Group   10.4.1.a
[ref]   Examine the process for acquiring, distributing and
Group   10.4.1.b
[ref]   Observe the time-related system-parameter settings for
Group   10.4.2
[ref]   Time data is protected.
Group   10.4.2.a
[ref]   Examine system configurations and time-
Group   10.4.2.b
[ref]   Examine system configurations, time synchronization
Group   10.4.3
[ref]   Time settings are received from
Group   10.5
[ref]   Secure audit trails so they cannot
Group   10.5.1
[ref]   Limit viewing of audit trails to
Group   10.5.2
[ref]   Protect audit trail files from
Group   10.5.3
[ref]   Promptly back up audit trail files
Group   10.5.4
[ref]   Write logs for external-facing
Group   10.5.5
[ref]   Use file-integrity monitoring or
Group   10.6
[ref]   Review logs and security events for
Group   10.6.1
[ref]   Review the following at least
Group   10.6.1.a
[ref]   Examine security policies and procedures to verify that
Group   10.6.1.b
[ref]   Observe processes and interview personnel to verify
Group   10.6.2
[ref]   Review logs of all other system
Group   10.6.2.a
[ref]   Examine security policies and procedures to verify that
Group   10.6.2.b
[ref]  
Group   10.6.3
[ref]   Follow up exceptions and
Group   10.6.3.a
[ref]   Examine security policies and procedures to verify that
Group   10.6.3.b
[ref]   Observe processes and interview personnel to verify
Group   10.7
[ref]   Retain audit trail history for at least
Group   10.7.a
[ref]   Examine security policies and procedures to verify that they
Group   10.7.b
[ref]   Interview personnel and examine audit logs to verify that
Group   10.7.c
[ref]   Interview personnel and observe processes to verify that at
Group   10.8
[ref]   Ensure that security policies and
Group   11.
[ref]   Regularly test security systems and processes
Group   11.1
[ref]   Implement processes to test for the
Group   11.1.1
[ref]   Maintain an inventory of
Group   11.1.2
[ref]   Implement incident response
Group   11.1.2.a
[ref]  
Group   11.1.2.b
[ref]   Interview responsible personnel and/or inspect
Group   11.1.a
[ref]   Examine policies and procedures to verify processes
Group   11.1.b
[ref]   Verify that the methodology is adequate to detect and
Group   11.1.c
[ref]   If wireless scanning is utilized, examine output from
Group   11.1.d
[ref]   If automated monitoring is utilized (for example,
Group   11.2
[ref]   Run internal and external network
Group   11.2.1
[ref]   Perform quarterly internal
Group   11.2.1.a
[ref]   Review the scan reports and verify that four
Group   11.2.1.b
[ref]   Review the scan reports and verify that the scan
Group   11.2.2
[ref]   Perform quarterly external
Group   11.2.2.c
[ref]   Review the scan reports to verify that the scans
Group   11.2.3
[ref]   Perform internal and external
Group   11.2.3.a
[ref]   Inspect and correlate change control
Group   11.2.3.b
[ref]   Review scan reports and verify that the scan
Group   11.2.3.c
[ref]   Validate that the scan was performed by a qualified
Group   11.3
[ref]   Implement a methodology for
Group   11.3.1
[ref]   Perform
Group   11.3.1.a
[ref]   Examine the scope of work and results from the
Group   11.3.1.b
[ref]   Verify that the test was performed by a qualified
Group   11.3.2
[ref]   Perform
Group   11.3.2.a
[ref]   Examine the scope of work and results from the
Group   11.3.2.b
[ref]   Verify that the test was performed by a qualified
Group   11.3.3
[ref]   Exploitable vulnerabilities found
Group   11.3.4
[ref]   If segmentation is used to isolate
Group   11.3.4.a
[ref]   Examine segmentation controls and review
Group   11.3.4.b
[ref]   Examine the results from the most recent
Group   11.4
[ref]   Use intrusion-detection and/or
Group   11.4.a
[ref]   Examine system configurations and network diagrams
Group   11.4.b
[ref]   Examine system configurations and interview
Group   11.4.c
[ref]   Examine IDS/IPS configurations and vendor
Group   11.5
[ref]   Deploy a change-detection
Group   11.5.1
[ref]   Implement a process to respond to
Group   11.5.a
[ref]   Verify the use of a change-detection mechanism within
Group   11.5.b
[ref]   Verify the mechanism is configured to alert personnel
Group   11.6
[ref]   Ensure that security policies and
Group   Values
[ref]   Group of values used in PCI-DSS profile
Group   Non PCI-DSS
[ref]   Rules that are not part of PCI-DSS
Red Hat and Red Hat Enterprise Linux are either registered trademarks or trademarks of Red Hat, Inc. in the United States and other countries. All other names are registered trademarks or trademarks of their respective companies.