IBM z/VM system administrator must develop procedures to manually control temporary, interactive, and emergency accounts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-237969 | IBMZ-VM-002390 | SV-237969r649747_rule | CCI-000366 | medium |
| Description | ||||
| Proper handling of temporary, inactive, and emergency accounts require automatic notification and action rather than at the convenience of the systems administrator. However in the absence of automated process manual procedures must be in place to assure that possible sensitive accounts are not compromised. | ||||
| STIG | Date | |||
| IBM zVM Using CA VM:Secure Security Technical Implementation Guide | 2022-08-31 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · V2R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · V2R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · V2R2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · V2R2 · disa_xccdf · related
Details
Check Text (C-237969r649747_chk)
Ask the system administrator (SA) for documented manual procedures to handle temporary, inactive, and emergency accounts.
If there are no procedures or they are not documented and filed with the ISSM/ISSO, this is a finding.
Fix Text (F-41138r649746_fix)
Develop a manual procedure to handle temporary, inactive, and emergency accounts in accordance with appropriate policies.
Ensure that the procedures are documented and filed with ISSM/ISSO.