PCI DSS 2.0/3.0 - AIX

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: PCI DSS 2.0/3.0 - AIX

Updated: 7/12/2022

Authority: PCI DSS

Plugin: Unix

Revision: 1.33

Estimated Item Count: 263

Audit Items

Description	Categories
PCI 2.2.4 - Remove all unnecessary functionality - CDE - 'de-installing CDE'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Remove all unnecessary functionality - NFS - 'de-install NFS'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Remove all unnecessary functionality - NIS - 'bos.net.nis.client is not installed'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Remove all unnecessary functionality - NIS - 'bos.net.nis.server is not installed'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - '/etc/environment PATH does not include dot'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - '/etc/motd contains the appropriate text'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - '/etc/profile PATH does not include dot'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - '~root/.profile PATH does not include dot'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - 'default herald is set to appropriate text'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - 'default umask = 27'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - 'hosts.equiv has no entries'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - 'no group or world writable directories in root PATH'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - 'no SUID or SGID files exist'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - 'no unowned files exist'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - 'no world writable directories exist'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - 'no world writable files exist'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - 'on:/usr/sbin/getty does not exist in /etc/inittab'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - 'rcp mode 000'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - 'rlogin mode 000'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - 'rlogind mode 000'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - 'rsh mode 000'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - 'rshd mode 000'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - 'tftpd mode 000'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - at access - 'at.deny does not exist'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - at permissions - '/var/adm/cron/at.allow root:sys 400'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in at.allow - 'at.allow contains @USERNAME@'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in at.allow - 'at.allow contains adm'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in at.allow - 'at.allow contains sys'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in at.allow - 'at.allow includes root'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in at.allow - 'only root, sys, adm, @USERNAME@'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in at.allow - 'only root, sys, adm'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in cron.allow - 'cron.allow contains @USERNAME@'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in cron.allow - 'cron.allow contains adm'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in cron.allow - 'cron.allow contains sys'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in cron.allow - 'cron.allow includes root'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in cron.allow - 'only root, sys, adm, @USERNAME@'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - authorized users in cron.allow - 'only root,sys,adm'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - 'disabling dtlogin'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - 'Dtlogin.servers = /etc/dt/config/Xservers'	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - 'dtsession*lockTimeout <= 10'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - 'dtsession*saverTimeout <= 10'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - 'remote GUI login disabled'	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - dtaction permissions	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - dtappgather permissions	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - dtlogin*greeting.labelString is set to appropriate text	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - dtlogin*greeting.persLabelString is set to appropriate text	ACCESS CONTROL
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - dtprintinfo permissions	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - dtsession permissions	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - Xconfig permissions	CONFIGURATION MANAGEMENT
PCI 2.2.4 - Verify that common security parameter settings are included - CDE - Xresources permissions	CONFIGURATION MANAGEMENT

Detections

Analytics

PCI DSS 2.0/3.0 - AIX

Warning! Audit Deprecated

Audit Details

Audit Items