STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must off-load audit records onto a different system or media than the system being audited.

DISA Rule

SV-82749r1_rule

Vulnerability Number

V-68259

Group Title

SRG-APP-000358-MFP-000149

Rule Version

SRG-APP-000358-MFP-000149

Severity

CAT II

CCI(s)

• CCI-001851 - The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Weight

10

Fix Recommendation

Configure the Mainframe Product installation and/or configurations settings to off-load audit records onto a different system or media than the system being audited.

Check Contents

If the Mainframe Product uses MVS System Management Facility (SMF) recording or external security manager (ESM) log files for auditing purposes, this is not applicable.

Examine the Mainframe Product installation and configuration auditing settings.

If the installation and/or configuration setting for auditing do not require the off-loading of audit records onto a different system or media than the system being audited, this is a finding.

Vulnerability Number

V-68259

Documentable

False

Rule Version

SRG-APP-000358-MFP-000149

Severity Override Guidance

If the Mainframe Product uses MVS System Management Facility (SMF) recording or external security manager (ESM) log files for auditing purposes, this is not applicable.

Examine the Mainframe Product installation and configuration auditing settings.

If the installation and/or configuration setting for auditing do not require the off-loading of audit records onto a different system or media than the system being audited, this is a finding.

Check Content Reference

M

Target Key

3061

Comments