STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The AIX operating system must accept and verify Personal Identity Verification (PIV) credentials.

DISA Rule

SV-215441r508663_rule

Vulnerability Number

V-215441

Group Title

SRG-OS-000376-GPOS-00161

Rule Version

AIX7-00-003205

Severity

CAT II

CCI(s)

• CCI-001953 - The information system accepts Personal Identity Verification (PIV) credentials.
• CCI-001954 - The information system electronically verifies Personal Identity Verification (PIV) credentials.

Weight

10

Fix Recommendation

Install "bos.ahafs" fileset from the PowerSC MFA DVD using the following command (assuming that the DVD device is mounted to /dev/cd0):

# installp -aXYgd /dev/cd0 -e /tmp/install.log bos.ahafs

Start the "pmfahotplugd" service:

# startsrc-s pmfahotplugd

Check Contents

Verify that the " bos.ahafs" package is installed:

# lslpp -l |grep bos.ahafs

bos.ahafs 7.1.5.15 COMMITTED Aha File System

If the "bos.ahafs" package is not installed, this is a finding.

Verify "pmfahotplugd" service is running:

# lssrc -s pmfahotplugd

If the " pmfahotplugd" service is not running, this is a finding.

Vulnerability Number

V-215441

Documentable

False

Rule Version

AIX7-00-003205

Severity Override Guidance

Verify that the " bos.ahafs" package is installed:

# lslpp -l |grep bos.ahafs

bos.ahafs 7.1.5.15 COMMITTED Aha File System

If the "bos.ahafs" package is not installed, this is a finding.

Verify "pmfahotplugd" service is running:

# lssrc -s pmfahotplugd

If the " pmfahotplugd" service is not running, this is a finding.

Check Content Reference

M

Target Key

4012

Comments