STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

IBM z/VM must employ Clock synchronization software.

DISA Rule

SV-93697r1_rule

Vulnerability Number

V-78991

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

IBMZ-VM-002420

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure Clock synchronizing software to compare internal clock to authoritative source at least every 24 hours and when time difference is greater than one second.

Check Contents

Determine if Clock synchronization software is use.

If there is no Clock synchronization software in use, this is a finding.

Determine if configuration allows for the synchronizing internal Clock to authoritative source.

If software is improperly configured, this is a finding.

Vulnerability Number

V-78991

Documentable

False

Rule Version

IBMZ-VM-002420

Severity Override Guidance

Determine if Clock synchronization software is use.

If there is no Clock synchronization software in use, this is a finding.

Determine if configuration allows for the synchronizing internal Clock to authoritative source.

If software is improperly configured, this is a finding.

Check Content Reference

M

Target Key

3211

Comments