The IBM z/VM JOURNALING statement must be properly configured.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-237944 | IBMZ-VM-001020 | SV-237944r859014_rule | CCI-002268 | medium |
| Description | ||||
| By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account. | ||||
| STIG | Date | |||
| IBM zVM Using CA VM:Secure Security Technical Implementation Guide | 2022-08-31 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
AC-16
1.00
- DISA · V2R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-002268
1.00
- DISA · V2R2 · disa_xccdf · related
Details
Check Text (C-237944r859014_chk)
View system config "JOURNALING" statement.
If the "JOURNALING" statement "LOGON" operand is configured as below, this is not a finding.
Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.
Link,
Account after 3 attempts,
Disable after 3 attempts
Fix Text (F-41113r859013_fix)
Configure the system config "JOURNALING" statement to include the following:
Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.
Link,
Account after 3 attempts,
Disable after 3 attempts