STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

IBM z/VM must remove or disable emergency accounts after the crisis is resolved or 72 hours.

DISA Rule

SV-93619r1_rule

Vulnerability Number

V-78913

Group Title

SRG-OS-000123-GPOS-00064

Rule Version

IBMZ-VM-000860

Severity

CAT II

CCI(s)

• CCI-001682 - The information system automatically removes or disables emergency accounts after an organization-defined time period for each type of account.

Weight

10

Fix Recommendation

Develop a policy and process to remove or disable emergency accounts after a crisis has been resolved or 72 hours.

Ensure that all emergency accounts are disabled after a crisis has been resolved or 72 hours.

Check Contents

Ask the system administrator (SA) for a documented process to remove or disable emergency accounts after a crisis has been resolved or 72 hours.

If there is no documented process, this is a finding.

If there are emergency accounts enabled check date/time of resolution of last crisis event.

If date/time is greater than 72 hours, this is a finding.

Vulnerability Number

V-78913

Documentable

False

Rule Version

IBMZ-VM-000860

Severity Override Guidance

Ask the system administrator (SA) for a documented process to remove or disable emergency accounts after a crisis has been resolved or 72 hours.

If there is no documented process, this is a finding.

If there are emergency accounts enabled check date/time of resolution of last crisis event.

If date/time is greater than 72 hours, this is a finding.

Check Content Reference

M

Target Key

3211

Comments