STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must implement cryptographic mechanisms to prevent unauthorized disclosure of all information not cleared for public release at rest on system components outside of organization facilities.

DISA Rule

SV-82957r1_rule

Vulnerability Number

V-68467

Group Title

SRG-APP-000429-MFP-000304

Rule Version

SRG-APP-000429-MFP-000304

Severity

CAT II

CCI(s)

• CCI-002476 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Weight

10

Fix Recommendation

Configure the Mainframe Product to implement cryptographic mechanisms to prevent unauthorized disclosure of all information not cleared for public release at rest on system components outside of organization facilities.

Check Contents

Examine installation and configuration settings.

Review requirements for relevant organization or site-defined information.

If the Mainframe Product does not have cryptographic mechanisms implemented to prevent unauthorized disclosure of all information not cleared for public release at rest on system components outside of organization facilities, this is a finding.

Vulnerability Number

V-68467

Documentable

False

Rule Version

SRG-APP-000429-MFP-000304

Severity Override Guidance

Examine installation and configuration settings.

Review requirements for relevant organization or site-defined information.

If the Mainframe Product does not have cryptographic mechanisms implemented to prevent unauthorized disclosure of all information not cleared for public release at rest on system components outside of organization facilities, this is a finding.

Check Content Reference

M

Target Key

3061

Comments