STIGQter STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must provide the capability for security administrators to change the auditing to be performed on all application components based on all selectable event criteria within time thresholds defined in site security plan.

DISA Rule

SV-82675r1_rule

Vulnerability Number

V-68185

Group Title

SRG-APP-000353-MFP-000113

Rule Version

SRG-APP-000353-MFP-000113

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Mainframe Product to allow security administrators the capability to change auditing settings.

This can be accomplished by using the ESM.

Configure the ESM to restrict update and above access to system and ESM audit settings to security administrators in accordance with applicable access control policies.

Check Contents

Examine the installation and configuration settings.

If security administrators do not have the capability to change auditing settings, this is a finding.

If an external security manager (ESM) is used, check the ESM rules and configuration.

If there are no rules for these resources or the rules do not allow update and above access to security administrators in accordance with applicable access control policies, this is a finding.

Vulnerability Number

V-68185

Documentable

False

Rule Version

SRG-APP-000353-MFP-000113

Severity Override Guidance

Examine the installation and configuration settings.

If security administrators do not have the capability to change auditing settings, this is a finding.

If an external security manager (ESM) is used, check the ESM rules and configuration.

If there are no rules for these resources or the rules do not allow update and above access to security administrators in accordance with applicable access control policies, this is a finding.

Check Content Reference

M

Target Key

3061

Comments