STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance network device must use mechanisms meeting the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.

DISA Rule

SV-89647r1_rule

Vulnerability Number

V-74973

Group Title

SRG-APP-000179-NDM-000265

Rule Version

MQMH-ND-000720

Severity

CAT II

CCI(s)

• CCI-000803 - The information system implements mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.

Weight

10

Fix Recommendation

Log on to the MQ Appliance CLI as a privileged user. Enable FIPS 140-2 Level 1 mode at the next reload of the firmware.

Enter:
config
crypto
crypto-mode-set fips-140-2-l1

The following message will appear:
"Crypto Mode Successfully set to fips-140-2-l1 for next boot."

Check Contents

Log on to the MQ Appliance CLI as a privileged user.

Enter:
config
crypto
show crypto-mode

The result should be: fips-140-2-l1

If it is not, this is a finding.

Vulnerability Number

V-74973

Documentable

False

Rule Version

MQMH-ND-000720

Severity Override Guidance

Log on to the MQ Appliance CLI as a privileged user.

Enter:
config
crypto
show crypto-mode

The result should be: fips-140-2-l1

If it is not, this is a finding.

Check Content Reference

M

Target Key

3243

Comments