STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

The IBM z/VM TCP/IP DOMAINLOOKUP statement must be properly configured.

DISA Rule

SV-93653r1_rule

Vulnerability Number

V-78947

Group Title

SRG-OS-000399-GPOS-00178

Rule Version

IBMZ-VM-001120

Severity

CAT II

CCI(s)

• CCI-002465 - The information system requests data origin authentication verification on the name/address resolution responses the system receives from authoritative sources.

Weight

10

Fix Recommendation

Configure the “DOMAINLOOKUP” statement to “DNS”.

Check Contents

Examine the “TCPIP DATA” configuration file.

If “DOMAINLOOKUP” statement is configured to “DNS”, this is not a finding.

Vulnerability Number

V-78947

Documentable

False

Rule Version

IBMZ-VM-001120

Severity Override Guidance

Examine the “TCPIP DATA” configuration file.

If “DOMAINLOOKUP” statement is configured to “DNS”, this is not a finding.

Check Content Reference

M

Target Key

3211

Comments