CA IDMS Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
IDMS must protect its user catalogs and system dictionaries to prevent unauthorized users from bypassing or updating security settings.
Unauthorized access to user profiles, dictionaries, and user catalogs provides the ability to damage the IDMS system.Rule Medium Severity -
SRG-APP-000342-DB-000302
Group -
SRG-APP-000380-DB-000360
Group -
SRG-APP-000383-DB-000364
Group -
IDMS terminal and lines that are not secure must be disabled.
Use of nonsecure network functions, ports, protocols, and services exposes the system to avoidable threats.Rule Medium Severity -
SRG-APP-000431-DB-000388
Group -
SRG-APP-000431-DB-000388
Group -
CA IDMS must protect system and user code and storage from corruption by user programs.
Database management systems can maintain separate execution domains for each executing process by assigning each process a separate address space. Each process has a distinct address space so that ...Rule Medium Severity -
SRG-APP-000431-DB-000388
Group -
SRG-APP-000441-DB-000378
Group -
The system storage used for data collection by the CA IDMS server must be protected.
Information can be either unintentionally or maliciously disclosed or modified during preparation for transmission, including, for example, during aggregation, at protocol transformation points, an...Rule Medium Severity -
SRG-APP-000441-DB-000378
Group -
SRG-APP-000441-DB-000378
Group -
The storage used for data collection by CA IDMS web services must be protected.
Information can be either unintentionally or maliciously disclosed or modified during preparation for transmission, including, for example, during aggregation, at protocol transformation points, an...Rule Medium Severity -
SRG-APP-000441-DB-000378
Group -
The storage used for data collection by CA IDMS Server and CA IDMS Web Services must be protected from online display and update.
Information can be either unintentionally or maliciously disclosed or modified during preparation for transmission, including, for example, during aggregation, at protocol transformation points, an...Rule Medium Severity -
SRG-APP-000447-DB-000393
Group -
IDMS must check for invalid data and behave in a predictable manner when encountered.
A common vulnerability is unplanned behavior when invalid inputs are received. This requirement guards against adverse or unintended system behavior caused by invalid inputs, where information syst...Rule Medium Severity -
SRG-APP-000456-DB-000390
Group -
Maintenance for security-related software updates for CA IDMS modules must be provided.
When a problem is found in IDMS, corrective maintenance is published to correct the problem (including security related problems). Published fixes should be applied to the IDMS system to correct an...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.