STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Products must provide the capability to filter audit records for events of interest as defined in site security plan.

DISA Rule

SV-82761r1_rule

Vulnerability Number

V-68271

Group Title

SRG-APP-000115-MFP-000157

Rule Version

SRG-APP-000115-MFP-000157

Severity

CAT II

CCI(s)

• CCI-000158 - The information system provides the capability to process audit records for events of interest based on organization-defined audit fields within audit records.

Weight

10

Fix Recommendation

Configure the Mainframe Product to filter audit record events of interest based on Site defined criteria

Check Contents

If the Mainframe Product does not perform audit data management or storage function, this is not applicable.

Examine installation and configuration settings.

Refer to the site's auditing policies.

Verify the Mainframe Product filters audit record events of interest based on Site defined criteria. If it does not, this is a finding.

Vulnerability Number

V-68271

Documentable

False

Rule Version

SRG-APP-000115-MFP-000157

Severity Override Guidance

If the Mainframe Product does not perform audit data management or storage function, this is not applicable.

Examine installation and configuration settings.

Refer to the site's auditing policies.

Verify the Mainframe Product filters audit record events of interest based on Site defined criteria. If it does not, this is a finding.

Check Content Reference

M

Target Key

3061

Comments