CA VM:Secure product must be installed and operating.
DISA Rule
SV-93551r1_rule
Vulnerability Number
V-78845
Group Title
SRG-OS-000004-GPOS-00004
Rule Version
IBMZ-VM-000030
Severity
CAT II
CCI(s)
- CCI-000018 - The information system automatically audits account creation actions.
- CCI-000067 - The information system monitors remote access methods.
- CCI-000130 - The information system generates audit records containing information that establishes what type of event occurred.
- CCI-000131 - The information system generates audit records containing information that establishes when an event occurred.
- CCI-000132 - The information system generates audit records containing information that establishes where the event occurred.
- CCI-000133 - The information system generates audit records containing information that establishes the source of the event.
- CCI-000134 - The information system generates audit records containing information that establishes the outcome of the event.
- CCI-000135 - The information system generates audit records containing the organization-defined additional, more detailed information that is to be included in the audit records.
- CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.
- CCI-000172 - The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3.
- CCI-001403 - The information system automatically audits account modification actions.
- CCI-001404 - The information system automatically audits account disabling actions.
- CCI-001405 - The information system automatically audits account removal actions.
- CCI-001487 - The information system generates audit records containing information that establishes the identity of any individuals or subjects associated with the event.
- CCI-001814 - The Information system supports auditing of the enforcement actions.
- CCI-002130 - The information system automatically audits account enabling actions.
- CCI-002234 - The information system audits the execution of privileged functions.
- CCI-002884 - The organization audits nonlocal maintenance and diagnostic sessions^ organization-defined audit events.
Weight
10
Fix Recommendation
CA VM:Secure product audits all commands.
Ensure CA VM:Secure product is installed and operational.
Using CA VM:Secure product audit of all commands with z/VM standard journal record assures that all pertinent information is stored.
Check Contents
Verify the CA VM:Secure product is operational on the system by entering the following command.
From the “CMS” command line enter:
VMSECURE VERSION
If there is no response, "VMSECURE" is not logged in, this is a finding.
Vulnerability Number
V-78845
Documentable
False
Rule Version
IBMZ-VM-000030
Severity Override Guidance
Verify the CA VM:Secure product is operational on the system by entering the following command.
From the “CMS” command line enter:
VMSECURE VERSION
If there is no response, "VMSECURE" is not logged in, this is a finding.
Check Content Reference
M
Target Key
3211
Comments
STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018: