STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must limit the number of concurrent sessions to three for all accounts and/or account types.

DISA Rule

SV-82291r1_rule

Vulnerability Number

V-67801

Group Title

SRG-APP-000001-MFP-000001

Rule Version

SRG-APP-000001-MFP-000001

Severity

CAT II

CCI(s)

• CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

10

Fix Recommendation

Configure the Mainframe Product to limit current sessions to three per account by type of user.

Check Contents

If the Mainframe Product has no log on capability, this requirement is not applicable.

Examine installation and configuration settings.

If concurrent sessions are not limited to three per account by type of user, this is a finding.

Vulnerability Number

V-67801

Documentable

False

Rule Version

SRG-APP-000001-MFP-000001

Severity Override Guidance

If the Mainframe Product has no log on capability, this requirement is not applicable.

Examine installation and configuration settings.

If concurrent sessions are not limited to three per account by type of user, this is a finding.

Check Content Reference

M

Target Key

3061

Comments