STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

Mainframe Products must audit nonlocal maintenance and diagnostic sessions audit events as defined in site security plan.

DISA Rule

SV-82911r1_rule

Vulnerability Number

V-68421

Group Title

SRG-APP-000409-MFP-000257

Rule Version

SRG-APP-000409-MFP-000257

Severity

CAT II

CCI(s)

• CCI-002884 - The organization audits nonlocal maintenance and diagnostic sessions^ organization-defined audit events.

Weight

10

Fix Recommendation

Configure the Mainframe Product to audit the nonlocal maintenance and diagnostic sessions audit events defined in site security plan using external security manager files and/or SMF records.

Check Contents

If the Mainframe Product has no function or capability for nonlocal maintenance this is not applicable.

Examine installation and configuration settings.

If the Mainframe Product does not audit the nonlocal maintenance and diagnostic sessions audit events defined in site security plan using external security manager files and/or SMF records, this is a finding.

Vulnerability Number

V-68421

Documentable

False

Rule Version

SRG-APP-000409-MFP-000257

Severity Override Guidance

If the Mainframe Product has no function or capability for nonlocal maintenance this is not applicable.

Examine installation and configuration settings.

If the Mainframe Product does not audit the nonlocal maintenance and diagnostic sessions audit events defined in site security plan using external security manager files and/or SMF records, this is a finding.

Check Content Reference

M

Target Key

3061

Comments