PCI DSS and Red Hat Enterprise Linux (Final part #9)

Requirement A.1: Shared hosting providers must protect the cardholder data environment

Abstract

The most obvious method to fulfill the requirements given in section А.1 is to assign a virtual server (or a set of servers) that meets the requirements from the chapters described above to every client .

There are no analogous requirements in the CIS standards

PCI DSS and Red Hat Enterprise Linux (Part #8)

Requirement 10: Track and monitor all access to network resources and cardholder data

Abstract

Technically implemented requirements given in this chapter refer to the syslog server, the kernel-level audit system auditd, NTP server settings, and an integrity control system. There are almost no analogous items in CIS standards.