Navigate

Check: IBMZ-VM-000040

IBM zVM STIG: IBMZ-VM-000040 (in version v1 r0.1)

Title

The IBM z/VM JOURNALING LOGON parameter must be set for lockout after 3 attempts for 15 minutes. (Cat II impact)

Discussion

By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.

Check Content

Display the System Configuration File. If the “JOURNALING” statement is set to: Facility ON LOGON LOCKout after 3 attempts for 15 minutes, this is not a finding.

Fix Text

Configure the System Configuration “JOURNALING” statement to: Facility ON LOGON LOCKout after 3 attempts for 15 minutes.

Additional Identifiers

Rule ID:

Vulnerability ID: IBMZ-VM-000040

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000044	The information system enforces the organization-defined limit of consecutive invalid logon attempts by a user during the organization-defined time period.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-7	Unsuccessful Logon Attempts