PrepAway - Latest Free Exam Questions & Answers

Which Power SC offering will support these requirements?

The Payment Card Industry Data Security Standard (PCI DSS) has the following requirements to
meet compliance:
“Secure audit trails so they cannot be altered.”
“Verify that current audit trail files are protected from unauthorized modifications via access
control mechanisms, physical segregation, and network segregation.”
Which Power SC offering will support these requirements?

PrepAway - Latest Free Exam Questions & Answers

A.
Trusted Network Connect

B.
Trusted Logging

C.
Trusted Audit

D.
Trusted Surveyor

Explanation:

6 Comments on “Which Power SC offering will support these requirements?

  1. Alessandro Mata says:

    D is correct.

    http://www.redbooks.ibm.com/abstracts/tips0980.html?Open

    Usage scenarios
    The Trusted Surveyor solution is often implemented when the complexity and cost to monitor and maintain the inventories of all servers’ VLANs and servers’ virtual machines become fastidious, time-consuming, and prone to errors.

    Additionally, Trusted Surveyor can create reports of your data center for regulatory compliance auditors and security officers automatically in either text or CSV format. Auditing a virtualized data center has never been easier and more reliable, as Trusted Surveyor can automate the reports and track any change for you. Here are some example scenarios:

    Scenario 1
    – Payment Card Industry Cardholder Data Environment
    An organization can check and monitor in real time that the PCI in-scope virtual machines are still defined on the correct VLANs, no additional VLANs have been added or deleted, and the server locations are correct. The network segregation can be demonstrated and compliance enforced, as any change to the base policy is detected by Trusted Surveyor.

    Scenario 2
    – Data center configuration monitoring
    An organization can check and monitor in real time which LPARs or virtual machines have been added, deleted, or relocated, and on which physical servers within the data center they are deployed. Trusted Surveyor can automatically compare any change within the network and server policies for several HMCs and hundreds of virtual machines in a few minutes. Data center configuration can be monitored and audited automatically.




    0



    0
  2. MC says:

    B.
    http://www.redbooks.ibm.com/redbooks/pdfs/sg248082.pdf
    page 29-30.

    2.2.6 Trusted Logging
    It is a critical element of many security standards to collect the audit records for
    critical operations and store them securely. For example, section 10.5 of the
    Payment Card Industry Data Security Standard (PCI DSS) requires the following
    actions by compliant organizations:


    Secure audit trails so they cannot be altered


    Verify that current audit trail files are protected from unauthorized
    modifications via access control mechanisms, physical segregation, and
    network segregation




    0



    0

Leave a Reply