STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product VMXRPI configuration file must be restricted to authorized personnel.

DISA Rule

SV-93667r1_rule

Vulnerability Number

V-78961

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

IBMZ-VM-001220

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Create rules in the CA VM:Secure product Rules Facility that restricts access to the disk where the “VMXRPI” configuration file resides to system administrators only.

Check Contents

Query the CA VM:Secure rules.

If there are product rules granting access to the disk on which the “VMXRPI” configuration file resides for system administrators only, this is not a finding.

Vulnerability Number

V-78961

Documentable

False

Rule Version

IBMZ-VM-001220

Severity Override Guidance

Query the CA VM:Secure rules.

If there are product rules granting access to the disk on which the “VMXRPI” configuration file resides for system administrators only, this is not a finding.

Check Content Reference

Target Key

3211

CA VM:Secure product VMXRPI configuration file must be restricted to authorized personnel.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments