STIGQter: STIG Summary: IBM Hardware Management Console (HMC) STIG Version: 1 Release: 5 Benchmark Date: 20 Jan 2015:

The ESCON Director Application Console Event log must be enabled.

DISA Rule

SV-29995r3_rule

Vulnerability Number

V-24343

Group Title

HLESC030

Rule Version

HLESC030

Severity

CAT I

CCI(s)

• CCI-000169 - The information system provides audit record generation capability for the auditable events defined in AU-2 a. at organization-defined information system components.

Weight

10

Fix Recommendation

Ensure that an ESCON Director Application Console log is created and in use every time the system is switched on.

The ESCON Director maintains an audit trail at the ESCD console’s fixed disk. This audit trail logs the time, date, and password identification when changes have been made to the ESCON Director.

Check Contents

If the ESCON Director Console is present, verify on the ESCON Director Application Console that the Event log is in use, otherwise this check is not applicable.

If no Event log exists, this is a finding.

Vulnerability Number

V-24343

Documentable

False

Rule Version

HLESC030

Severity Override Guidance

If the ESCON Director Console is present, verify on the ESCON Director Application Console that the Event log is in use, otherwise this check is not applicable.

If no Event log exists, this is a finding.

Check Content Reference

M

Responsibility

Systems Programmer

Target Key

1891

Comments