STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must automatically update malicious code protection mechanisms.

DISA Rule

SV-82977r1_rule

Vulnerability Number

V-68487

Group Title

SRG-APP-000272-MFP-000347

Rule Version

SRG-APP-000272-MFP-000347

Severity

CAT II

CCI(s)

• CCI-001247 - The information system automatically updates malicious code protection mechanisms.

Weight

10

Fix Recommendation

Configure the Mainframe Product to receive automatic updates using organizational-defined procedures.

Check Contents

If the Mainframe Product has no function or capability for providing malicious code scanning or protection, this is not applicable.

Refer to organizational-defined update procedures.

Examine installation and configuration settings.

If the Mainframe Product is not configured to receive automatic updates using organizational-defined procedures, this is a finding.

Vulnerability Number

V-68487

Documentable

False

Rule Version

SRG-APP-000272-MFP-000347

Severity Override Guidance

If the Mainframe Product has no function or capability for providing malicious code scanning or protection, this is not applicable.

Refer to organizational-defined update procedures.

Examine installation and configuration settings.

If the Mainframe Product is not configured to receive automatic updates using organizational-defined procedures, this is a finding.

Check Content Reference

M

Target Key

3061

Comments