The Mainframe Product must initiate session auditing upon startup.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-205462 | SRG-APP-000092-MFP-000137 | SV-205462r960888_rule | CCI-001464 | medium |
| Description | ||||
| If auditing is enabled late in the start-up process, the actions of some start-up processes may not be audited. Some audit systems also maintain state information only available if auditing is enabled before a given process is created. | ||||
| STIG | Date | |||
| Mainframe Product Security Requirements Guide | 2024-12-05 | |||
Details
Check Text (C-205462r960888_chk)
If the Mainframe Product has no function or capability for session operations, this is not applicable.
Examine installation and configuration settings.
Verify that session auditing is initiated at session startup. If it is not, this is a finding.
Fix Text (F-5728r299620_fix)
Configure the Mainframe Product to initiate session auditing upon startup.