Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-256874 | HMC0070 | SV-256874r958442_rule | Medium |
Description |
---|
The Hardware Management Console controls the operation and availability of the Central Processor Complex (CPC). Failure to create and maintain the Hardware Management Console Event log could result in the lack of monitoring and accountability of CPC control activity. |
STIG | Date |
---|---|
IBM Hardware Management Console (HMC) Security Technical Implementation Guide | 2024-06-24 |
Check Text ( C-60549r890966_chk ) |
---|
Verify on the Hardware Management Console that the Event log is in use. This is done by selecting the View Console Events panel under Console Actions. From this panel you can display: Console Information on EC Changes Console Service History displays HMC Problems Console Tasks Displays Last 2000 tasks performed on console View Licenses View LIC (Licensed Internal Code) View Security Logs tracks an object’s operational state, status, or settings change or involves user access to tasks, actions, and objects. If no Event log exists, this is a FINDING. If the Event log exists and is not collecting data, this is a FINDING. |
Fix Text (F-60492r890967_fix) |
---|
The System Administrator will activate the Hardware Management Console Event log and ensure that all tracking parameters are set. This is done by selecting the View Console Events panel under Console Actions. From this panel you can display: Console Information on EC Changes Console Service History displays HMC Problems Console Tasks Displays Last 2000 tasks performed on console View Licenses View LIC (Licensed Internal Code) View Security Logs tracks an object’s operational state, status, or settings change or involves user access to tasks, actions, and objects. |