STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

Mainframe Products must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.

DISA Rule

SV-82913r1_rule

Vulnerability Number

V-68423

Group Title

SRG-APP-000411-MFP-000260

Rule Version

SRG-APP-000411-MFP-000260

Severity

CAT II

CCI(s)

• CCI-002890 - The information system implements cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications.

Weight

10

Fix Recommendation

Configure the Mainframe Product to use FIPS 140 compliant modules to protect the integrity of nonlocal maintenance and diagnostic communications.

Check Contents

If the Mainframe Product has no function or capability for nonlocal maintenance, this is not applicable.

Examine installation and configuration settings.

If the Mainframe Product does not use FIPS 140 compliant modules to protect the integrity of nonlocal maintenance and diagnostic communications, this is a finding.

Vulnerability Number

V-68423

Documentable

False

Rule Version

SRG-APP-000411-MFP-000260

Severity Override Guidance

If the Mainframe Product has no function or capability for nonlocal maintenance, this is not applicable.

Examine installation and configuration settings.

If the Mainframe Product does not use FIPS 140 compliant modules to protect the integrity of nonlocal maintenance and diagnostic communications, this is a finding.

Check Content Reference

M

Target Key

3061

Comments