STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure must have a security group for Security Administrators only.

DISA Rule

SV-93599r1_rule

Vulnerability Number

V-78893

Group Title

SRG-OS-000134-GPOS-00068

Rule Version

IBMZ-VM-000700

Severity

CAT II

CCI(s)

• CCI-001084 - The information system isolates security functions from nonsecurity functions.

Weight

10

Fix Recommendation

Define a security group in the Rules Facility for Security Administrators only.

Check Contents

Ask the Security Administrator for the defined groups that have authorization to perform security tasks, i.e., create and change rules for any userID in the Rules Facility.

Examine the members (users) in each of these groups.

If any user does not have the role of Security Administrator, this is a finding.

Vulnerability Number

V-78893

Documentable

False

Rule Version

IBMZ-VM-000700

Severity Override Guidance

Ask the Security Administrator for the defined groups that have authorization to perform security tasks, i.e., create and change rules for any userID in the Rules Facility.

Examine the members (users) in each of these groups.

If any user does not have the role of Security Administrator, this is a finding.

Check Content Reference

M

Target Key

3211

Comments