UCF STIG Viewer Logo

The Mainframe Product must automatically shut down the information system, restart the information system, and/or implement security safeguards as conditions as defined in site security plan when integrity violations are discovered.


Overview

Finding ID Version Rule ID IA Controls Severity
V-205596 SRG-APP-000480-MFP-000379 SV-205596r851361_rule Medium
Description
Unauthorized changes to software, firmware, and information can occur due to errors or malicious activity (e.g., tampering). Information includes metadata, such as security attributes associated with information. State-of-the-practice integrity-checking mechanisms (e.g., parity checks, cyclical redundancy checks, cryptographic hashes) and associated tools can automatically monitor the integrity of information systems and hosted applications. Organizations may define different integrity checking and anomaly responses by type of information (e.g., firmware, software, user data); by specific information (e.g., boot firmware, boot firmware for a specific types of machines); or a combination of both. Automatic implementation of specific safeguards within organizational information systems includes, for example, reversing the changes, halting the information system, restarting the information system, notification to the appropriate personnel or roles, or triggering audit alerts when unauthorized modifications to critical security files occur. This capability must take into account operational requirements for availability for selecting an appropriate response.
STIG Date
Mainframe Product Security Requirements Guide 2022-09-22

Details

Check Text ( C-5862r300015_chk )
If the Mainframe Product has no function or capability for integrity verification, this is not applicable.

Examine installation and configuration settings.

If the Mainframe Product is not configured to automatically shut down the information system, restart the information system, and/or implement security safeguards as conditions as defined in site security plan when integrity violations are discovered, this is a finding.
Fix Text (F-5862r300016_fix)
Configure the Mainframe Product to automatically shut down the information system, restart the information system, and/or implement security safeguards as conditions as defined in site security plan when integrity violations are discovered.