STIGQter: STIG Summary: IBM Hardware Management Console (HMC) STIG Version: 1 Release: 5 Benchmark Date: 20 Jan 2015:

The Distributed Console Access Facility (DCAF) Console must be restricted to only authorized personnel.

DISA Rule

SV-29998r3_rule

Vulnerability Number

V-24344

Group Title

HLESC080

Rule Version

HLESC080

Severity

CAT II

CCI(s)

• CCI-002227 - The organization restricts privileged accounts on the information system to organization-defined personnel or roles.
• CCI-002235 - The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Weight

10

Fix Recommendation

Review access authorization to DCAF Consoles. Ensure that all personnel are restricted to authorized levels of access.

Remote access to the LAN may be provided through DCAF via a LAN or modem connection.
DCAF passwords should be implemented to prevent unauthorized access.

Check Contents

If the ESCON Director Application is present, verify that sign-on access to the DCAF Console is restricted to authorized personnel, otherwise, this check is not applicable.

If sign-on access to the DCAF Console is not restricted, this is a finding.

Vulnerability Number

V-24344

Documentable

False

Rule Version

HLESC080

Severity Override Guidance

If the ESCON Director Application is present, verify that sign-on access to the DCAF Console is restricted to authorized personnel, otherwise, this check is not applicable.

If sign-on access to the DCAF Console is not restricted, this is a finding.

Check Content Reference

M

Responsibility

Systems Programmer

Target Key

1891

Comments