STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

CA VM:Secure product CONFIG file must be restricted to appropriate personnel.

DISA Rule

SV-93673r1_rule

Vulnerability Number

V-78967

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

IBMZ-VM-001250

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Create rules in the CA VM:Secure product Rules Facility that restricts access to the disk where the product “CONFIG” file resides to system administrators only.

Check Contents

Query the CA VM:Secure Product rules.

If there are product rules granting access to the disk on which the product “CONFIG” file resides for system administrators only, this is not a finding.

Vulnerability Number

V-78967

Documentable

False

Rule Version

IBMZ-VM-001250

Severity Override Guidance

Query the CA VM:Secure Product rules.

If there are product rules granting access to the disk on which the product “CONFIG” file resides for system administrators only, this is not a finding.

Check Content Reference

Target Key

3211

CA VM:Secure product CONFIG file must be restricted to appropriate personnel.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments