I - Mission Critical Public
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000480-GPOS-00227
Group -
The IBM z/VM systems requiring data at rest must employ IBMs DS8000 for full disk encryption.
Operating systems handling data requiring "data at rest" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest. Selection ...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
The IBM z/VM TCP/IP NSLOOKUP statement for UFT servers must be properly configured.
If data origin authentication and data integrity verification are not performed, the resultant response could be forged, it may have come from a poisoned cache, the packets could have been intercep...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
The IBM z/VM TCP/IP DOMAINLOOKUP statement must be properly configured.
If data origin authentication and data integrity verification are not performed, the resultant response could be forged, it may have come from a poisoned cache, the packets could have been intercep...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
The IBM z/VM TCP/IP NSINTERADDR statement must be present in the TCPIP DATA configuration.
If data origin authentication and data integrity verification are not performed, the resultant response could be forged, it may have come from a poisoned cache, the packets could have been intercep...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
The IBM z/VM CHECKSUM statement must be included in the TCP/IP configuration file.
If data origin authentication and data integrity verification are not performed, the resultant response could be forged, it may have come from a poisoned cache, the packets could have been intercep...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
Group -
The IBM z/VM DOMAINSEARCH statement in the TCPIP DATA file must be configured with proper domain names for name resolution.
If data origin authentication and data integrity verification are not performed, the resultant response could be forged, it may have come from a poisoned cache, the packets could have been intercep...Rule Medium Severity -
SRG-OS-000001-GPOS-00001
Group -
CA VM:Secure product Rules Facility must be installed and operating.
Enterprise environments make account management for operating systems challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other erro...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.