
PCI Requirement 11.5 – Deploy a Change-Detection Mechanisms to Alert Personnel to Unauthorized Modification of Critical System Files, Configuration Files, or Content Files
Change-Detection Mechanisms If change-detection mechanisms are not implemented properly, a malicious individual could take advantage and could add, remove, or alter configuration file contents, operating system programs, or application executables. This is why PCI Requirement 11.5 says, “Deploy a change-detection mechanism to alert personnel to unauthorized modification of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly.” During…



