The Payment Card Industry Data Security Standard (PCI DSS) has the following requirements to
meet compliance:
“Secure audit trails so they cannot be altered.”
“Verify that current audit trail files are protected from unauthorized modifications via access
control mechanisms, physical segregation, and network segregation.”
Which Power SC offering will support these requirements?
A.
Trusted Network Connect
B.
Trusted Logging
C.
Trusted Audit
D.
Trusted Surveyor
Explanation:
The correct answer is B.
http://www.redbooks.ibm.com/redbooks/pdfs/sg248082.pdf
pag 30
0
0
The correct answer should be B)
http://www-03.ibm.com/systems/power/software/security/features.html
0
0
D is correct
0
0
D is correct.
http://www.redbooks.ibm.com/abstracts/tips0980.html?Open
Usage scenarios
The Trusted Surveyor solution is often implemented when the complexity and cost to monitor and maintain the inventories of all servers’ VLANs and servers’ virtual machines become fastidious, time-consuming, and prone to errors.
Additionally, Trusted Surveyor can create reports of your data center for regulatory compliance auditors and security officers automatically in either text or CSV format. Auditing a virtualized data center has never been easier and more reliable, as Trusted Surveyor can automate the reports and track any change for you. Here are some example scenarios:
Scenario 1
– Payment Card Industry Cardholder Data Environment
An organization can check and monitor in real time that the PCI in-scope virtual machines are still defined on the correct VLANs, no additional VLANs have been added or deleted, and the server locations are correct. The network segregation can be demonstrated and compliance enforced, as any change to the base policy is detected by Trusted Surveyor.
Scenario 2
– Data center configuration monitoring
An organization can check and monitor in real time which LPARs or virtual machines have been added, deleted, or relocated, and on which physical servers within the data center they are deployed. Trusted Surveyor can automatically compare any change within the network and server policies for several HMCs and hundreds of virtual machines in a few minutes. Data center configuration can be monitored and audited automatically.
0
0
I think the key is “Secure audit trails so they cannot be altered.”
I believe the answer is C…. Trusted Audit
0
0
B.
http://www.redbooks.ibm.com/redbooks/pdfs/sg248082.pdf
page 29-30.
2.2.6 Trusted Logging
It is a critical element of many security standards to collect the audit records for
critical operations and store them securely. For example, section 10.5 of the
Payment Card Industry Data Security Standard (PCI DSS) requires the following
actions by compliant organizations:
“
Secure audit trails so they cannot be altered
”
“
Verify that current audit trail files are protected from unauthorized
modifications via access control mechanisms, physical segregation, and
network segregation
0
0