CA VM:Secure product DASD CONFIG file must be restricted to appropriate personnel.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-237958	IBMZ-VM-001230	SV-237958r859050_rule		Medium

Description

Configuring the operating system to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across DoD that reflects the most restrictive security posture consistent with operational requirements.

STIG	Date
IBM zVM Using CA VM:Secure Security Technical Implementation Guide	2022-08-31

Details

Check Text (C-41168r859048_chk)

Query the CA VM:Secure product rules.

If there are product rules granting access to the disk on which the "DASD CONFIG" file resides for system administrators or DASD administrators only, this is not a finding.

Fix Text (F-41127r859049_fix)

Create rules in the CA VM:Secure product Rules Facility that restricts access to the disk where the "DASD CONFIG" file resides to system administrators or DASD administrators only.