STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must protect against an individual (or process acting on behalf of an individual) falsely denying having performed actions defined in the site security plan to be covered by non-repudiation.

DISA Rule

SV-82669r1_rule

Vulnerability Number

V-68179

Group Title

SRG-APP-000080-MFP-000102

Rule Version

SRG-APP-000080-MFP-000102

Severity

CAT II

CCI(s)

CCI-000166 - The information system protects against an individual (or process acting on behalf of an individual) falsely denying having performed organization-defined actions to be covered by non-repudiation.

Weight

Fix Recommendation

Configure the Mainframe Product to identify initiating user for authentication for all tasks.

Check Contents

If the Mainframe Product does not perform tasks on the behalf of other users, this is not applicable.

Examine configuration settings.

Determine whether settings identify initiating user for authentication. If it does not, this is a finding.

The Mainframe Product must protect against an individual (or process acting on behalf of an individual) falsely denying having performed actions defined in the site security plan to be covered by non-repudiation.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments