STIGQter: STIG Summary: IBM Hardware Management Console (HMC) STIG Version: 1 Release: 5 Benchmark Date: 20 Jan 2015:

Access to the Hardware Management Console (HMC) must be restricted by assigning users proper roles and responsibilities.

DISA Rule

SV-31555r2_rule

Vulnerability Number

V-25386

Group Title

HMC0045

Rule Version

HMC0045

Severity

CAT II

CCI(s)

• CCI-000225 - The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Weight

10

Fix Recommendation

Have the System Administrator using the list user IDs and responsibilities, validate that each user is properly specified in the HMC based on his/her roles and responsibilities.

Note: Sites must have a list of valid HMC users, indicating their USERID, Date of DD2785, roles and responsibilities

To display user roles choose User Profiles and then select the user for modification. View Task Roles and Manager Roles.

Check Contents

Have the System Administrator verify to the reviewer that the Roles and Responsibilities assigned are assigned to the proper individuals by their areas of responsibility.

Note: Sites must have a list of valid HMC users, indicating their USERID, Date of DD2875, and roles and responsibilities.

Have the System Administrator verify to the reviewer that the Roles and Responsibilities assigned are assigned to the proper individuals by their areas of responsibility.

To display user roles chose User Profiles and then select the user for modification. View Task Roles and Manager Resources Roles.

If the HMC user-IDs displayed by the System Administrator are not properly assigned by Roles and Responsibilities, then this is a FINDING.

Vulnerability Number

V-25386

Documentable

False

Rule Version

HMC0045

Severity Override Guidance

Have the System Administrator verify to the reviewer that the Roles and Responsibilities assigned are assigned to the proper individuals by their areas of responsibility.

Note: Sites must have a list of valid HMC users, indicating their USERID, Date of DD2875, and roles and responsibilities.

Have the System Administrator verify to the reviewer that the Roles and Responsibilities assigned are assigned to the proper individuals by their areas of responsibility.

To display user roles chose User Profiles and then select the user for modification. View Task Roles and Manager Resources Roles.

If the HMC user-IDs displayed by the System Administrator are not properly assigned by Roles and Responsibilities, then this is a FINDING.

Check Content Reference

M

Responsibility

System Administrator

Target Key

1891

Comments