STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM z/OS must implement cryptographic mechanisms to prevent unauthorized modification of all information at rest on all operating system components.

DISA Rule

SV-223790r604139_rule

Vulnerability Number

V-223790

Group Title

SRG-OS-000404-GPOS-00183

Rule Version

RACF-OS-000340

Severity

CAT II

CCI(s)

• CCI-002475 - The information system implements cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest on organization-defined information system components.
• CCI-002476 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Weight

10

Fix Recommendation

Employ IBM's DS8880 hardware to ensure full disk encryption.

Check Contents

Determine if IBM's DS8880 Disks are in use.

If they are not in use for systems that require data at rest, this is a finding.

Vulnerability Number

V-223790

Documentable

False

Rule Version

RACF-OS-000340

Severity Override Guidance

Determine if IBM's DS8880 Disks are in use.

If they are not in use for systems that require data at rest, this is a finding.

Check Content Reference

M

Target Key

4101

Comments