Hi Colin, My reading of PCI-DSS indicates that it is supposed to be stacked on top of an additional known standard. So, for full compliance, you'll need to scan against PCI-DSS here and then pick which of the other baseline standards you want to follow and run that one as well.
You should be able to put together a custom SCAP scenario to do all of the appropriate scans at once but keeping them separate is generally easier so that you don't have to munge with anything upstream. Thanks, Trevor On Tue, Jun 27, 2017 at 11:23 PM, Colin Madigan < [email protected]> wrote: > Hi Team, > > > > > > I have applied the PCI-DSS profile to my Centos 7 system and there seems > to be a false positive with the check “Disable Prelinking”. I have checked > the Remediation steps and they have been applied but check still marks as a > fail. Secondly with this PCI profile how come Rules like enabling or > checking SELinux are marked as notselected. Are these notselected rules not > part of PCI-DSS requirements or is this due to some other reason. > > > > > > Benchmark URL > > ssg-centos7-ds.xml > > > > Benchmark ID > > xccdf_org.ssgproject.content_benchmark_RHEL-7 > > > > Profile ID > > xccdf_org.ssgproject.content_profile_pci-dss > > > > > > > > > > > > Colin Madigan|UNIX Engineer > > T02 9344 2705 > > 30 Ross St, Glebe NSW 2037 > > [email protected] > > > > > > TPG Telecom (ASX: TPM) > > > > [image: Description: http://res.tpgi.com.au/img/signature/tpglogo.jpg] > > > > > > This email and any attachments are confidential and may be subject to > copyright, legal or some other professional privilege. They are intended > solely for the attention and use of the named addressee(s). They may only > be copied, distributed or disclosed with the consent of the copyright > owner. If you have received this email by mistake or by breach of the > confidentiality clause, please notify the sender immediately by return > email and delete or destroy all copies of the email. Any confidentiality, > privilege or copyright is not waived or lost because this email has been > sent to you by mistake. > > > Confidentiality: This email and any attachments are confidential and may > be subject to copyright, legal or some other professional privilege. They > are intended solely for the attention and use of the named addressee(s). > They may only be copied, distributed or disclosed with the consent of the > copyright owner. If you have received this email by mistake or by breach of > the confidentiality clause, please notify the sender immediately by return > email and delete or destroy all copies of the email. Any confidentiality, > privilege or copyright is not waived or lost because this email has been > sent to you by mistake. > > _______________________________________________ > scap-security-guide mailing list -- scap-security-guide@lists. > fedorahosted.org > To unsubscribe send an email to scap-security-guide-leave@ > lists.fedorahosted.org > > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 x788 -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
