In the event of a system failure, AIX must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-91487	AIX7-00-003109	SV-101585r1_rule		Medium

Description
Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving operating system state information helps to facilitate operating system restart and return to the operational mode of the organization with least disruption to mission/business processes.

Description

Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving operating system state information helps to facilitate operating system restart and return to the operational mode of the organization with least disruption to mission/business processes.

STIG	Date
IBM AIX 7.x Security Technical Implementation Guide	2019-04-29

Details

Check Text ( C-90641r1_chk )
To display the current dump device settings enter the following command: #sysdumpdev -l primary /dev/lg_dumplv secondary /dev/sysdumpnull copy directory /var/adm/ras forced copy flag TRUE always allow dump FALSE dump compression ON type of dump fw-assisted full memory dump disallow If the primary device and copy directory is not configured, this is a finding.

Fix Text (F-97685r1_fix)
The "sysdumpdev" command should be used to configure dump device. #sysdumpdev -p "Primary dump device" #sysdumpdev -d Note: The "-d " specifies the directory the device is copied to at boot time.