Check: IBMZ-VM-000610
IBM zVM STIG:
IBMZ-VM-000610
(in version v1 r0.1)
Title
The IBM z/VM CA VM:Secure product NORULE record in the SECURITY CONFIG file must be configured to REJECT. (Cat II impact)
Discussion
Setting the most restrictive default permissions ensures that when new accounts are created they do not have unnecessary access.
Check Content
Examine the “SECURITY CONFIG” file. If the “NORULE” record is configured with “REJECT”, this is not a finding.
Fix Text
Configure the “SECURITY CONFIG” file to include a “NORULE” record with “REJECT”.
Additional Identifiers
Rule ID:
Vulnerability ID: IBMZ-VM-000610
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |