Check: IBMZ-VM-000620
IBM zVM STIG:
IBMZ-VM-000620
(in version v1 r0.1)
Title
The IBM z/VM CA VM:Secure product NORULE record in the SECURITY CONFIG file must be configured to REJECT. (Cat II impact)
Discussion
Failure to restrict system access to authenticated users negatively impacts operating system security.
Check Content
Examine the “SECURITY CONFIG” file. If the Nodule is configured as below, this is not a finding. NORULE REJECT
Fix Text
Include a “NORULE” Record in the “SECURITY CONFIG” file set to “REJECT”.
Additional Identifiers
Rule ID:
Vulnerability ID: IBMZ-VM-000620
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |