STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product audit records must offload audit records to a different system or media.

DISA Rule

SV-93629r1_rule

Vulnerability Number

V-78923

Group Title

SRG-OS-000342-GPOS-00133

Rule Version

IBMZ-VM-000940

Severity

CAT II

CCI(s)

• CCI-001851 - The information system off-loads audit records per organization-defined frequency onto a different system or media than the system being audited.

Weight

10

Fix Recommendation

Develop a user written procedure to offload audit records to a different system or media.

Check Contents

If there is no documented process for audit offload, this is a finding.

Examine the documented user process for audit record offload.

If the procedure does not offload to a different system or media, this is a finding.

Vulnerability Number

V-78923

Documentable

False

Rule Version

IBMZ-VM-000940

Severity Override Guidance

If there is no documented process for audit offload, this is a finding.

Examine the documented user process for audit record offload.

If the procedure does not offload to a different system or media, this is a finding.

Check Content Reference

M

Target Key

3211

Comments