STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product AUTHORIZ CONFIG file must be restricted to appropriate personnel.

DISA Rule

SV-93671r1_rule

Vulnerability Number

V-78965

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

IBMZ-VM-001240

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Create rules in the CA VM:Secure product Rules Facility that restricts access to the disk where the “AUTHORIZ CONFIG” file resides to system administrators or security administrators only.

Check Contents

Query the CA VM:Secure product rules.

If there are product rules granting access to the disk on which the “AUTHORIZ CONFIG” file resides for system administrators or security administrators only, this is not a finding.

Vulnerability Number

V-78965

Documentable

False

Rule Version

IBMZ-VM-001240

Severity Override Guidance

Query the CA VM:Secure product rules.

If there are product rules granting access to the disk on which the “AUTHORIZ CONFIG” file resides for system administrators or security administrators only, this is not a finding.

Check Content Reference

M

Target Key

3211

Comments