Check: GEN000000-AIX00020
AIX 6.1 SECURITY TECHNICAL IMPLEMENTATION GUIDE:
GEN000000-AIX00020
(in versions v1 r14 through v1 r10)
Title
AIX Trusted Computing Base (TCB) software must be implemented. (Cat II impact)
Discussion
The AIX Trusted Computing Base (TCB) software provides protection from the unauthorized modification of core system files.
Check Content
Perform: # /bin/tcbck If TCB is not installed, the output will show an error code of 3001-101 and/or a text message indicating TCB is not installed, this is a finding.
Fix Text
Ensure the Trusted Computing Base (TCB) software is implemented. TCB can only be installed at OS installation time.
Additional Identifiers
Rule ID: SV-969r2_rule
Vulnerability ID: V-969
Group Title: GEN000000-AIX00020
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000032 |
The information system enforces information flow control using organization-defined security policy filters as a basis for flow control decisions for organization-defined information flows. |
CCI-000633 |
The organization ensures that government off-the-shelf (GOTS) or commercial-off-the-shelf(COTS) information assurance (IA) and IA-enabled information technology products have been evaluated and/or validated by the NSA or in accordance with NSA-approved procedures. |