Check: IBMZ-VM-000300
IBM zVM STIG:
IBMZ-VM-000300
(in version v1 r0.1)
Title
The IBM z/VM CA VM:Secure product must be installed and operating. (Cat II impact)
Discussion
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one. Audit records can be generated from various components within the information system (e.g., module or policy filter).
Check Content
Verify that CA VM:Secure product is operational on the system by entering the following command: From CMS Command line enter “VMSECURE VERSION”. If there is no response “VMSECURE” is not logged in, this is a finding.
Fix Text
CA VM:Secure product audits all commands. Ensure that CA VM:Secure product is installed and operational.
Additional Identifiers
Rule ID:
Vulnerability ID: IBMZ-VM-000300
Group Title:
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000172 |
The information system generates audit records for the events defined in AU-2 d. with the content defined in AU-3. |
Controls
| Number | Title |
|---|---|
| AU-12 |
Audit Generation |