STIGQter STIGQter: STIG Summary: IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:

The MQ Appliance network device must generate unique session identifiers using a FIPS 140-2 approved random number generator.

DISA Rule

SV-89655r1_rule

Vulnerability Number

V-74981

Group Title

SRG-APP-000224-NDM-000270

Rule Version

MQMH-ND-000790

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log on to the MQ Appliance CLI as a privileged user. Enable FIPS 140-2 Level 1 mode at the next reload of the firmware.

Enter:
config
crypto
crypto-mode-set fips-140-2-l1

The following message will appear:
"Crypto Mode Successfully set to fips-140-2-l1 for next boot."

Reboot MQ appliance.

Check Contents

Log on to the MQ Appliance CLI as a privileged user.

Enter:
config
crypto
show crypto-mode

If the result is not fips-140-2-l1, this is a finding.

Vulnerability Number

V-74981

Documentable

False

Rule Version

MQMH-ND-000790

Severity Override Guidance

Log on to the MQ Appliance CLI as a privileged user.

Enter:
config
crypto
show crypto-mode

If the result is not fips-140-2-l1, this is a finding.

Check Content Reference

M

Target Key

3243

Comments