STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The mainframe product must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.

DISA Rule

SV-82747r1_rule

Vulnerability Number

V-68257

Group Title

SRG-APP-000357-MFP-000148

Rule Version

SRG-APP-000357-MFP-000148

Severity

CAT II

CCI(s)

• CCI-001849 - The organization allocates audit record storage capacity in accordance with organization-defined audit record storage requirements.

Weight

10

Fix Recommendation

Configure installation and/or configuration auditing settings to allocate audit record storage capacity in accordance with organization-defined audit record storage requirements.

Check Contents

If the Mainframe Product uses MVS System Management Facility (SMF) recording or ESM log files for auditing purposes, this is not applicable.

Examine the Mainframe Product installation and configuration auditing settings.

If the installation and/or configuration setting for auditing do not allocate audit record storage capacity in accordance with organization-defined audit record storage requirements, this is a finding.

Vulnerability Number

V-68257

Documentable

False

Rule Version

SRG-APP-000357-MFP-000148

Severity Override Guidance

If the Mainframe Product uses MVS System Management Facility (SMF) recording or ESM log files for auditing purposes, this is not applicable.

Examine the Mainframe Product installation and configuration auditing settings.

If the installation and/or configuration setting for auditing do not allocate audit record storage capacity in accordance with organization-defined audit record storage requirements, this is a finding.

Check Content Reference

M

Target Key

3061

Comments