STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product Rules Facility must be restricted to appropriate personnel.

DISA Rule

SV-93677r1_rule

Vulnerability Number

V-78971

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

IBMZ-VM-001280

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Ensure the product Rules Facility is installed.

Ensure that authority to create system rules or rules that apply to other users is only granted to appropriate personnel.

Check Contents

Issue Command:

VMSECURE CONFIG AUTHORIZ

Inspect the "GRANT" statements.

If there are statements that grant the authority to create system rules or rules that apply to other users is only granted to appropriate personnel, this is not a finding.

Vulnerability Number

V-78971

Documentable

False

Rule Version

IBMZ-VM-001280

Severity Override Guidance

Issue Command:

VMSECURE CONFIG AUTHORIZ

Inspect the "GRANT" statements.

If there are statements that grant the authority to create system rules or rules that apply to other users is only granted to appropriate personnel, this is not a finding.

Check Content Reference

M

Target Key

3211

Comments