Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-81197 | WBSP-AS-000120 | SV-95911r1_rule | Medium |
Description |
---|
Without enabling repository checkpoints, you will not be able to determine the history of changes to WebSphere configuration files, and who made those changes. |
STIG | Date |
---|---|
IBM WebSphere Traditional V9.x Security Technical Implementation Guide | 2018-08-24 |
Check Text ( C-80867r1_chk ) |
---|
Review System Security Plan documentation. Identify the required "Automatic CheckPoint Depth" setting that has been defined. From administrative console, click System administration >> Extended repository service. If "Enable automatic repository checkpoints" is not selected or if the "automatic checkpoint depth" is less than the number of saves defined in the System Security Plan, this is a finding. |
Fix Text (F-87975r1_fix) |
---|
From administrative console click System administration >> Extended repository service >> Enable automatic repository checkpoints. Enter a "checkpoint depth value" according to the security plan. Restart the DMGR and all the JVMs. |