Evaluation rules provided by Dome9
Provides a rule set based on PCI-DSS 3.2
• The following 7 rules relate to Requirement 1.2.1
• Ensure S3 buckets are not publicly accessible
• Ensure no security groups allow ingress from 0.0.0.0/0 to ALL ports and protocols
• Ensure no security groups allow ingress from 0.0.0.0/0 to RDP (TCP:3389)
• Ensure no security groups allow ingress from 0.0.0.0/0 to SSH (TCP:22)
• Ensure the default security group restricts all traffic
• Security Groups - with admin ports too exposed to the public internet
• Restrict outbound traffic to that which is necessary, and specifically deny all other traffic
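The security-group rules listed above can be illustrated with a small offline check. This is an added example, not Dome9's own rule logic or rule language: the function names, the finding labels, and the reading of "default security group restricts all traffic" as "the default group has no rules at all" are assumptions, and the sample data is constructed in the shape of the EC2 DescribeSecurityGroups response.

```python
# Constructed sample data; group IDs and rules are illustrative only.
ANY = "0.0.0.0/0"
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "GroupName": "web", "IpPermissionsEgress": [],
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
          "IpRanges": [{"CidrIp": ANY}]},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
    {"GroupId": "sg-0bbb", "GroupName": "bastion", "IpPermissionsEgress": [],
     "IpPermissions": [
         # A wide port range exposes SSH and RDP without naming either port.
         {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 4000,
          "IpRanges": [{"CidrIp": ANY}]}]},
    {"GroupId": "sg-0ccc", "GroupName": "default", "IpPermissionsEgress": [],
     "IpPermissions": [
         # IpProtocol "-1" means all protocols; no port fields are present.
         {"IpProtocol": "-1", "IpRanges": [{"CidrIp": ANY}]}]},
]

def open_to_world(perm):
    """True if the ingress rule has 0.0.0.0/0 as a source (IPv4 only)."""
    return any(r.get("CidrIp") == ANY for r in perm.get("IpRanges", []))

def covers_tcp_port(perm, port):
    """True if the rule permits the TCP port, including all-protocol rules."""
    if perm["IpProtocol"] == "-1":
        return True
    return (perm["IpProtocol"] == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def evaluate(groups):
    """Return (group_id, finding) pairs for four of the listed rules."""
    findings = []
    for g in groups:
        ingress = g.get("IpPermissions", [])
        world = [p for p in ingress if open_to_world(p)]
        if any(p["IpProtocol"] == "-1" for p in world):
            findings.append((g["GroupId"], "ALL ports and protocols"))
        if any(covers_tcp_port(p, 22) for p in world):
            findings.append((g["GroupId"], "SSH (TCP:22)"))
        if any(covers_tcp_port(p, 3389) for p in world):
            findings.append((g["GroupId"], "RDP (TCP:3389)"))
        # Assumed interpretation: the default group should carry no rules.
        if g["GroupName"] == "default" and (ingress or g.get("IpPermissionsEgress")):
            findings.append((g["GroupId"], "default group has rules"))
    return findings

if __name__ == "__main__":
    for group_id, finding in evaluate(SAMPLE_GROUPS):
        print(group_id, finding)
```

The check matches only the IPv4 source 0.0.0.0/0 named in the rule titles; an equivalent IPv6 source (`::/0` under `Ipv6Ranges`) would need its own test.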