STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must electronically verify Personal Identity Verification (PIV) credentials.

DISA Rule

SV-82827r1_rule

Vulnerability Number

V-68337

Group Title

SRG-APP-000392-MFP-000209

Rule Version

SRG-APP-000392-MFP-000209

Severity

CAT II

CCI(s)

• CCI-001954 - The information system electronically verifies Personal Identity Verification (PIV) credentials.

Weight

10

Fix Recommendation

Configure the Mainframe Product account management settings to electronically verify PIV credentials.

Check Contents

If the Mainframe Product uses an external security manager (ESM) for all account management, this is not applicable.

Examine user account management configurations.

If the Mainframe Product account management settings are not configured to electronically verify PIV credentials, this is a finding.

Vulnerability Number

V-68337

Documentable

False

Rule Version

SRG-APP-000392-MFP-000209

Severity Override Guidance

If the Mainframe Product uses an external security manager (ESM) for all account management, this is not applicable.

Examine user account management configurations.

If the Mainframe Product account management settings are not configured to electronically verify PIV credentials, this is a finding.

Check Content Reference

M

Target Key

3061

Comments