STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must associate types of security attributes having security attribute values as defined in site security plan with information in process.

DISA Rule

SV-82615r1_rule

Vulnerability Number

V-68125

Group Title

SRG-APP-000313-MFP-000026

Rule Version

SRG-APP-000313-MFP-000026

Severity

CAT II

CCI(s)

• CCI-002263 - The organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in process.

Weight

10

Fix Recommendation

Configure the Mainframe Product to associate organization-defined security attributes to managed data sets in process.

Verify the datasets attributes are labeled and/or tagged appropriately.

Check Contents

If the Mainframe Product does not perform data management or storage function this is not applicable.

Examine installation and configuration settings and / or specific meta-data for individual types of security attributes as defined by the organization.

If there is no specific data labeling or tagging, this is a finding.

Vulnerability Number

V-68125

Documentable

False

Rule Version

SRG-APP-000313-MFP-000026

Severity Override Guidance

If the Mainframe Product does not perform data management or storage function this is not applicable.

Examine installation and configuration settings and / or specific meta-data for individual types of security attributes as defined by the organization.

If there is no specific data labeling or tagging, this is a finding.

Check Content Reference

M

Target Key

3061

Comments