Monday, November 22, 2010

PCI DSS and Red Hat Enterprise Linux (Final part #9)

Requirement A.1: Shared hosting providers must protect the cardholder data environment


The most obvious method to fulfill the requirements given in section А.1 is to assign a virtual server (or a set of servers) that meets the requirements from the chapters described above to every client .
There are no analogous requirements in the CIS standards

Monday, November 8, 2010

PCI DSS and Red Hat Enterprise Linux (Part #8)

Requirement 10: Track and monitor all access to network resources and cardholder data


Technically implemented requirements given in this chapter refer to the syslog server, the kernel-level audit system auditd, NTP server settings, and an integrity control system. There are almost no analogous items in CIS standards.