STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

The IBM z/VM AUDT and Journal Mini Disks must be restricted to the appropriate system administrators.

DISA Rule

SV-93617r1_rule

Vulnerability Number

V-78911

Group Title

SRG-OS-000257-GPOS-00098

Rule Version

IBMZ-VM-000840

Severity

CAT II

CCI(s)

CCI-001494 - The information system protects audit tools from unauthorized modification.
CCI-001495 - The information system protects audit tools from unauthorized deletion.

Weight

Fix Recommendation

Create a CA VM:Secure rule that grants access to system administrators, security administrators, or system auditors only.

Check Contents

Examine the CA VM:Secure rules.

If there are Link rules for audit disk granted to anyone other than system administrators, security administrators, or system auditors, this is a finding.

Vulnerability Number

V-78911

Documentable

False

Rule Version

IBMZ-VM-000840

Severity Override Guidance

Examine the CA VM:Secure rules.

If there are Link rules for audit disk granted to anyone other than system administrators, security administrators, or system auditors, this is a finding.

Check Content Reference

Target Key

3211

The IBM z/VM AUDT and Journal Mini Disks must be restricted to the appropriate system administrators.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments