[PCI DSS 3.0] [PCI DSS 3.0] 11.5.1 Implement a process to respond to any alerts generated by the change- detection solution.

pcinetwork

PCINetwork.org Admin
#1
11.5.1 Implement a process to respond to any alerts generated by the change- detection solution.

11.5.1 Interview personnel to verify that all alerts are investigated and resolved.

Change-detection solutions such as file-integrity monitoring (FIM) tools check for changes to critical files, and notify when such changes are detected.
If not implemented properly and the output of the change-detection solution monitored, a malicious individual could alter configuration file contents, operating system programs, or application executables. Unauthorized changes, if undetected, could render existing security controls ineffective and/or result in cardholder data being stolen with no perceptible impact to normal processing.
 
Top