STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

The IBM z/VM JOURNALING statement must be properly configured.

DISA Rule

SV-93641r2_rule

Vulnerability Number

V-78935

Group Title

SRG-OS-000329-GPOS-00128

Rule Version

IBMZ-VM-001020

Severity

CAT II

CCI(s)

• CCI-002238 - The information system automatically locks the account or node for either an organization-defined time period, until the locked account or node is released by an administrator, or delays the next logon prompt according to the organization-defined delay algorithm when the maximum number of unsuccessful logon attempts is exceeded.

Weight

10

Fix Recommendation

Configure the system config “JOURNALING” statement to include the following:

Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.

Link,
Account after 3 attempts,
Disable after 3 attempts

Check Contents

View system config “JOURNALING” statement.

If the “JOURNALING” statement “LOGON” operand is configured as below, this is not a finding.

Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.

Link,
Account after 3 attempts,
Disable after 3 attempts

Vulnerability Number

V-78935

Documentable

False

Rule Version

IBMZ-VM-001020

Severity Override Guidance

View system config “JOURNALING” statement.

If the “JOURNALING” statement “LOGON” operand is configured as below, this is not a finding.

Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.

Link,
Account after 3 attempts,
Disable after 3 attempts

Check Content Reference

M

Target Key

3211

Comments