Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-68507 | SRG-APP-000484-MFP-000383 | SV-82997r1_rule | Medium |
Description |
---|
Without an audit capability, an integrity violation may not be detected. Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations. The integrity verification application must have the capability to audit and it must be enabled. |
STIG | Date |
---|---|
Mainframe Product Security Requirements Guide | 2019-12-12 |
Check Text ( C-69039r1_chk ) |
---|
If the Mainframe Product has no function or capability for integrity verification, this is not applicable. Examine installation and configuration settings. If the Mainframe Product is not configured to audit detected potential integrity violations, this is a finding. |
Fix Text (F-74623r1_fix) |
---|
Configure the Mainframe Product to audit detected potential integrity violations. |