[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 13 Download | Alert*

Malicious software, commonly referred to as malware including viruses, worms, and Trojans enters the network during many business-approved activities including employee e-mail and use of the Internet, mobile computers, and storage devices, resulting in the exploitation of system vulnerabilities. Anti-virus software must be used on all systems commonly affected by malware to protect systems from cu ...

Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.)

If virtualization technologies are used, verify that only one primary function is implemented per virtual system component or device.

Verify that all users are assigned a unique ID for access to system components or cardholder data and also verify that users are authenticated using unique ID and additional authentication (for example, a password) for access to the cardholder data environment.

Verify that inactive accounts over 90 days old are either removed or disabled.

The "Set time limit for idle sessions" policy should be set correctly for Terminal Services.

Enable only necessary and secure services, protocols, daemons,etc.as required for the function of the system.

Verify that the proper encryption strength is implemented for the encryption methodology in use. (Check vendor recommendations/best practices.)

Verify that the protocol is implemented to use only secure configurations, and does not support insecure versions or configurations.

Implement security features for any required services, protocols or daemons that are considered to be insecure for example, use secured technologies such as SSH, S-FTP, SSL, or IPSec VPN to protect insecure services such as NetBIOS, file-sharing, Telnet, FTP, etc.

Pages:      Start    1    ..   1

© SecPod Technologies