STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product SECURITY CONFIG file must be restricted to appropriate personnel.

DISA Rule

SV-93615r1_rule

Vulnerability Number

V-78909

Group Title

SRG-OS-000256-GPOS-00097

Rule Version

IBMZ-VM-000830

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-001493 - The information system protects audit tools from unauthorized access.

Weight

10

Fix Recommendation

Create rules in the CA VM:Secure product Rules Facility that restricts access to the disk where the “SECURITY CONFIG” file resides to auditors, system administrators or security administrators only.

Check Contents

Query the CA VM:Secure product rules.

If there are product rules granting access to the disk on which the “SECURITY CONFIG” file resides for auditors, system administrators or security administrators only, this is not a finding.

Vulnerability Number

V-78909

Documentable

False

Rule Version

IBMZ-VM-000830

Severity Override Guidance

Query the CA VM:Secure product rules.

If there are product rules granting access to the disk on which the “SECURITY CONFIG” file resides for auditors, system administrators or security administrators only, this is not a finding.

Check Content Reference

M

Target Key

3211

Comments