STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must audit the execution of privileged functions.

DISA Rule

SV-82663r1_rule

Vulnerability Number

V-68173

Group Title

SRG-APP-000343-MFP-000091

Rule Version

SRG-APP-000343-MFP-000091

Severity

CAT II

CCI(s)

• CCI-002234 - The information system audits the execution of privileged functions.

Weight

10

Fix Recommendation

Configure the Mainframe Product to log the execution of privileged functions using the external security manager, SMF, and/or the SYSLOG.

Check Contents

Examine installation and configuration settings.

Verify the Mainframe Product provides logging for execution of privileged functions through use of SMF, the SYSLOG, the external security management software log, or to some other reliable log file. If it does not, this is a finding.

Vulnerability Number

V-68173

Documentable

False

Rule Version

SRG-APP-000343-MFP-000091

Severity Override Guidance

Examine installation and configuration settings.

Verify the Mainframe Product provides logging for execution of privileged functions through use of SMF, the SYSLOG, the external security management software log, or to some other reliable log file. If it does not, this is a finding.

Check Content Reference

M

Target Key

3061

Comments