top of page
< Back

2.2.1 PCI DSS (v3.2.1)

Compliance Standard

Compliance Version

Control ID




Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters


Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers, database servers, and DNS should be implemented on separate servers.)

Note: Where virtualization technologies are in use, implement only one primary function per virtual system component.

bottom of page