STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must associate types of security attributes having security attribute values as defined in site security plan with information in storage.

DISA Rule

SV-82613r1_rule

Vulnerability Number

V-68123

Group Title

SRG-APP-000311-MFP-000025

Rule Version

SRG-APP-000311-MFP-000025

Severity

CAT II

CCI(s)

• CCI-002262 - The organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in storage.

Weight

10

Fix Recommendation

Configure the Mainframe Product to associate organization-defined security attributes to managed data sets in storage.

Verify the datasets attributes are labeled and/or tagged appropriately.

Check Contents

If the Mainframe Product does not perform data management or storage function this is not applicable.

Examine installation and configuration settings and / or specific meta-data for security attributes as defined by the organization.

If there is no data labeling or tagging, this is a finding.

Vulnerability Number

V-68123

Documentable

False

Rule Version

SRG-APP-000311-MFP-000025

Severity Override Guidance

If the Mainframe Product does not perform data management or storage function this is not applicable.

Examine installation and configuration settings and / or specific meta-data for security attributes as defined by the organization.

If there is no data labeling or tagging, this is a finding.

Check Content Reference

M

Target Key

3061

Comments