STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product audit records must be offloaded on a weekly basis.

DISA Rule

SV-93631r1_rule

Vulnerability Number

V-78925

Group Title

SRG-OS-000479-GPOS-00224

Rule Version

IBMZ-VM-000950

Severity

CAT II

CCI(s)

• CCI-001851 - The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Weight

10

Fix Recommendation

Develop procedures that offload Audit minidisk on a weekly basis.

Check Contents

Check audit offload procedure.

If it can be determined that the audit records are being offloaded on a weekly basis, this is not a finding.

Vulnerability Number

V-78925

Documentable

False

Rule Version

IBMZ-VM-000950

Severity Override Guidance

Check audit offload procedure.

If it can be determined that the audit records are being offloaded on a weekly basis, this is not a finding.

Check Content Reference

M

Target Key

3211

Comments