STIGQter: STIG Summary: Mainframe Product Security Requirements Guide Version: 1 Release: 4 Benchmark Date: 24 Jan 2020:

The Mainframe Product must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures.

DISA Rule

SV-82979r1_rule

Vulnerability Number

V-68489

Group Title

SRG-APP-000276-MFP-000353

Rule Version

SRG-APP-000276-MFP-000353

Severity

CAT II

CCI(s)

• CCI-001240 - The organization updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures.

Weight

10

Fix Recommendation

Configure the Mainframe Product to install new releases using organizational configuration management policy and procedures.

Check Contents

If the Mainframe Product has no function or capability for providing malicious code scanning or protection, this is not applicable.

Refer to organizational configuration management policy and procedures.

Examine installation and configuration settings.

If the Mainframe Product is not configured to install new releases using organizational configuration management policy and procedure, this is a finding.

Vulnerability Number

V-68489

Documentable

False

Rule Version

SRG-APP-000276-MFP-000353

Severity Override Guidance

If the Mainframe Product has no function or capability for providing malicious code scanning or protection, this is not applicable.

Refer to organizational configuration management policy and procedures.

Examine installation and configuration settings.

If the Mainframe Product is not configured to install new releases using organizational configuration management policy and procedure, this is a finding.

Check Content Reference

M

Target Key

3061

Comments