In the event of a system failure, AIX must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-215407 | AIX7-00-003109 | SV-215407r991562_rule | Medium |
| Description |
| Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving operating system state information helps to facilitate operating system restart and return to the operational mode of the organization with least disruption to mission/business processes. |
| STIG | Date |
| IBM AIX 7.x Security Technical Implementation Guide | 2024-08-16 |
Details
| Check Text (C-16605r294672_chk) |
| To display the current dump device settings enter the following command: #sysdumpdev -l primary /dev/lg_dumplv secondary /dev/sysdumpnull copy directory /var/adm/ras forced copy flag TRUE always allow dump FALSE dump compression ON type of dump fw-assisted full memory dump disallow If the primary device and copy directory is not configured, this is a finding. |
| Fix Text (F-16603r294673_fix) |
| The "sysdumpdev" command should be used to configure dump device. #sysdumpdev -p "Primary dump device" #sysdumpdev -d <directory> Note: The "-d <directory> " specifies the directory the device is copied to at boot time. |