STIGQter: STIG Summary: IBM z/VM Using CA VM:Secure Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Apr 2018:

IBM z/VM system administrator must develop procedures to manually control temporary, interactive, and emergency accounts.

DISA Rule

SV-93691r1_rule

Vulnerability Number

V-78985

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

IBMZ-VM-002390

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Develop a manual procedure to handle temporary, inactive, and emergency accounts in accordance with appropriate policies.

Ensure that the procedures are documented and filed with ISSM/ISSO.

Check Contents

Ask the system administrator (SA) for documented manual procedures to handle temporary, inactive, and emergency accounts.

If there are no procedures or they are not documented and filed with the ISSM/ISSO, this is a finding.

Vulnerability Number

V-78985

Documentable

False

Rule Version

IBMZ-VM-002390

Severity Override Guidance

Ask the system administrator (SA) for documented manual procedures to handle temporary, inactive, and emergency accounts.

If there are no procedures or they are not documented and filed with the ISSM/ISSO, this is a finding.

Check Content Reference

M

Target Key

3211

Comments