STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must provide an immediate real-time alert to the operations staff, system programmers, and/or security administrators, at a minimum, of all audit failure events requiring real-time alerts.

DISA Rule

SV-82753r1_rule

Vulnerability Number

V-68263

Group Title

SRG-APP-000360-MFP-000152

Rule Version

SRG-APP-000360-MFP-000152

Severity

CAT II

CCI(s)

• CCI-001858 - The information system provides a real-time alert in an organization-defined real-time period to organization-defined personnel, roles, and/or locations when organization-defined audit failure events requiring real-time alerts occur.

Weight

10

Fix Recommendation

Configure the Mainframe Product to provide for immediate real-time alerts to operations staff, system programmers, and/or security administrators for audit failures requiring real-time alerts.

Check Contents

If the Mainframe Product does not perform audit data management or storage function, this is not applicable.

Examine configuration settings.

If the Mainframe Product does not provide for immediate real-time alerts to operations staff, system programmers, and/or security administrators for audit failures requiring real-time alerts, this is a finding.

Vulnerability Number

V-68263

Documentable

False

Rule Version

SRG-APP-000360-MFP-000152

Severity Override Guidance

If the Mainframe Product does not perform audit data management or storage function, this is not applicable.

Examine configuration settings.

If the Mainframe Product does not provide for immediate real-time alerts to operations staff, system programmers, and/or security administrators for audit failures requiring real-time alerts, this is a finding.

Check Content Reference

M

Target Key

3061

Comments