Up
Previous Next

Sheriff CSM™

PCI DSS 3.2 Requirement 8: Identify and Authenticate Access to System Components

Testing Procedure How Sheriff CSM Delivers Sheriff CSM Instructions Sheriff CSM Documentation
8.1.6.a For a sample of system components, inspect system configuration settings to verify that authentication parameters are set to require that user accounts be locked out after not more than six invalid logon attempts. In Sheriff CSM you can view bruteforce logon events to see if they trigger an account lockout, or view account lockout events to see how many times they failed to log on. Sheriff CSM will generate bruteforce authentication alarms. Observe Sheriff CSM bruteforce authentication alarms for notification of login attempts that exceed lockout limitations. Reviewing Alarms as a List
8.1.7 For a sample of system components, inspect system configuration settings to verify that password parameters are set to require that once a user account is locked out, it remains locked for a minimum of 30 minutes or until a system administrator resets the account. In Sheriff CSM you can view bruteforce logon events to see if they trigger an account lockout, or view account lockout events to see how many times they failed to log on. Sheriff CSM detects account lockouts and provides visibility into the next subsequent login to verify that minimum lockout duration is satisfied. Security Events Views
8.5.a For a sample of system components, examine user ID lists to verify the following:
• Generic user IDs are disabled or removed.
• Shared user IDs for system administration activities and other critical functions do not exist.
• Shared and generic user IDs are not used to administer any system components.
Configure Vulnerability Scans in Sheriff CSM to test security parameters for Linux and Windows servers. Create a custom scan profile, and in the "Autoenable plugins option", select the "Autoenable by family" option. Then enable the appropriate checks in scanning profile for target host. Creating a Custom Scan Profile
Run a Vulnerability Scan using the custom scan profile that was created. Performing Vulnerability Scans
Export successful scan results and identify findings to determine if system is configured correctly. Viewing the Scan Results
Topic revision: r8 - 30 Apr 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.