On 6/27/17 11:23 PM, Colin Madigan wrote:
>
> Hi Team,
>
> I have applied the PCI-DSS profile to my CentOS 7 system and there
> seems to be a false positive with the check “Disable Prelinking”. I
> have checked the Remediation steps and they have been applied but
> check still marks as a fail.
>

What version of the content?

If downstream in CentOS:

    $ rpm -qv scap-security-guide

If upstream/GitHub, are you using the latest or a prior release?

> Secondly with this PCI profile how come Rules like enabling or
> checking SELinux are marked as notselected. Are these notselected
> rules not part of PCI-DSS requirements or is this due to some other
> reason.
>

Red Hat hired a PCI auditing company (called Neohapsis, now part of Cisco) to consult on broad PCI-DSS compliance efforts. They identified controls needed in a "RHEL for PCI" baseline. IIRC, PCI compliance requires exceptionally few security controls at the infrastructure level. Most was targeted about data management.
