STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance network device must enforce password complexity by requiring that at least one special character be used.

DISA Rule

SV-89633r1_rule

Vulnerability Number

V-74959

Group Title

SRG-APP-000169-NDM-000257

Rule Version

MQMH-ND-000610

Severity

CAT II

CCI(s)

• CCI-001619 - The information system enforces password complexity by the minimum number of special characters used.

Weight

10

Fix Recommendation

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Set Authentication Method to LDAP.

Configure LDAP server connection as required.

Expand Password Policy.

Check the Require Non-alphanumeric check box.

Check Contents

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Verify the Authentication Method is set to LDAP.

Expand Password Policy.

Verify the (local) Password Policy Require Non-alphanumeric check box is checked.

If MQ is not set to LDAP authentication or if the local password policy is not configured to meet the requirement, this is a finding.

Vulnerability Number

V-74959

Documentable

False

Rule Version

MQMH-ND-000610

Severity Override Guidance

Log on to the MQ Appliance WebGUI as a privileged user. Go to Administration (gear icon) >> Access >> RBM Settings.

Verify the Authentication Method is set to LDAP.

Expand Password Policy.

Verify the (local) Password Policy Require Non-alphanumeric check box is checked.

If MQ is not set to LDAP authentication or if the local password policy is not configured to meet the requirement, this is a finding.

Check Content Reference

M

Target Key

3243

Comments