STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

The IBM z/OS systems requiring data at rest protection must properly employ IBM DS8880 for full disk encryption for classified systems.

DISA Rule

SV-223788r604139_rule

Vulnerability Number

V-223788

Group Title

SRG-OS-000396-GPOS-00176

Rule Version

RACF-OS-000320

Severity

CAT II

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

Employ IBM's DS8880 hardware to ensure full disk encryption.

Check Contents

Determine if IBM's DS8880 Disks are in use.

If they are not in use for systems that require data at rest, this is a finding.

Vulnerability Number

V-223788

Documentable

False

Rule Version

RACF-OS-000320

Severity Override Guidance

Determine if IBM's DS8880 Disks are in use.

If they are not in use for systems that require data at rest, this is a finding.

Check Content Reference

M

Target Key

4101

Comments