UCF STIG Viewer Logo

The Mainframe Product must initiate session auditing upon startup.


Overview

Finding ID Version Rule ID IA Controls Severity
V-68235 SRG-APP-000092-MFP-000137 SV-82725r1_rule Medium
Description
If auditing is enabled late in the start-up process, the actions of some start-up processes may not be audited. Some audit systems also maintain state information only available if auditing is enabled before a given process is created.
STIG Date
Mainframe Product Security Requirements Guide 2016-04-18

Details

Check Text ( C-68795r1_chk )
If the Mainframe Product has no function or capability for session operations, this is not applicable.

Examine installation and configuration settings.

Verify that session auditing is initiated at session startup. If it is not, this is a finding.
Fix Text (F-74349r1_fix)
Configure the Mainframe Product to initiate session auditing upon startup.