asked on

PCI audit log requirements in windows network

Is there any document in the public domain whereby the audit and monitoring requirements of PCI are translated into an active directory environment? So you can see on an AD level how and what to audit, how long to keep it for, to comply with PCI? Same for windows servers and workstations.

ASKER CERTIFIED SOLUTION

yo_bee

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Pau Lo

ASKER

I was just coming at it from the angle that PCI is technology neutral, so was hoping someone may have interpreted the requirements specific to AD/Windows so admins can make the configs based on known PCI specific requirements.

yo_bee

Here is another link that might help

http://searchsecurity.techtarget.com/feature/PCI-Data-Security-Standard-How-to-survive-an-audit

yo_bee

Scriptlogic take on it

http://www.scriptlogic.com/Compliance/pci-data-security-standard.asp

http://www.scriptlogic.com/compliance/pci-data-security-standard.asp

Pau Lo

ASKER

Thats more how to get a pass that you meet all PCI requirements, as opposed one of the PCI requirements is specifically around audit LOGGING and monitoring. Thats what I was getting at...

SOLUTION

Leon Fester

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

footech

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial