Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

CCS 10.5.1 check name duplication and inconsistent evidence

Created: 14 Mar 2013 | 1 comment

running10.5.1  checking servers mostly 2008.  Using Nist SP 800-53.   In the evidence I sometimes get results and sometimes (no data Available). I also see multiple listings of check name.  Example now is the check  Enforce password History set to 24 passwords remembered. I see that 2 times and it did pull the data.  but configure automatic updates didnt pull back data??

 

my main issues is why does it list the check name so many times?  I assume this effects my results as it is listed in the amount of failed checks. It shows 48 checks yet only 19 are there.

thanks

Operating Systems:

Comments 1 CommentJump to latest comment

Matt Plourde's picture

The duplicate check results aren't your fault - it's how the standard is written.

Head over to "Manage - Standards" and explode that puppy out. You'll notice checks repeated across sections.

My advice? Copy the NIST Standard, remove dupes, ENABLE the framework from Control Studio and you're good to go! :)