STIGQter STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must prevent non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

DISA Rule

SV-82659r1_rule

Vulnerability Number

V-68169

Group Title

SRG-APP-000340-MFP-000088

Rule Version

SRG-APP-000340-MFP-000088

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Mainframe Product to prevent non-privileged users from executing privileged functions. This can be accomplished using the ESM.

Configure the ESM to restrict update and higher access to privileged functions to privileged users.

Check Contents

Examine installation and configuration settings.

Determine the Mainframe Product privileged functions.

If the Mainframe Product uses an external security manager (ESM) for access authorizations, verify the ESM prevents access to privileged functions to appropriate privileged users. If it does not, this is a finding.

If the Mainframe Product does not use an ESM to verify installation and configuration settings to prevent access to privileged functions to appropriate privileged users, this is a finding.

Vulnerability Number

V-68169

Documentable

False

Rule Version

SRG-APP-000340-MFP-000088

Severity Override Guidance

Examine installation and configuration settings.

Determine the Mainframe Product privileged functions.

If the Mainframe Product uses an external security manager (ESM) for access authorizations, verify the ESM prevents access to privileged functions to appropriate privileged users. If it does not, this is a finding.

If the Mainframe Product does not use an ESM to verify installation and configuration settings to prevent access to privileged functions to appropriate privileged users, this is a finding.

Check Content Reference

M

Target Key

3061

Comments