STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

The IBM z/VM system administrator must develop and perform a procedure to validate the correct operation of security functions.

DISA Rule

SV-93695r1_rule

Vulnerability Number

V-78989

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

IBMZ-VM-002410

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Develop a procedure that validates all security functions.

Develop a log depicting date and time of validation signed by action official.

Check Contents

Ask the system administrator (SA) if there is a documented procedure for validation of security functions on file with the ISSM/ISSO.

If there is none, this is a finding.

Ask for evidence that the procedures are performed.

If there is no evidentiary proof, this is a finding.

Vulnerability Number

V-78989

Documentable

False

Rule Version

IBMZ-VM-002410

Severity Override Guidance

Ask the system administrator (SA) if there is a documented procedure for validation of security functions on file with the ISSM/ISSO.

If there is none, this is a finding.

Ask for evidence that the procedures are performed.

If there is no evidentiary proof, this is a finding.

Check Content Reference

M

Target Key

3211

Comments