The Mainframe Product must audit detected potential integrity violations.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-205597	SRG-APP-000484-MFP-000383	SV-205597r961767_rule		Medium

Description

Without an audit capability, an integrity violation may not be detected. Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations. The integrity verification application must have the capability to audit and it must be enabled.

STIG	Date
Mainframe Product Security Requirements Guide	2024-12-05

Details

Check Text (C-5863r300018_chk)

If the Mainframe Product has no function or capability for integrity verification, this is not applicable.

Examine installation and configuration settings.

If the Mainframe Product is not configured to audit detected potential integrity violations, this is a finding.

Fix Text (F-5863r300019_fix)

Configure the Mainframe Product to audit detected potential integrity violations.