Skip to content

No profile (default benchmark)

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000023-GPOS-00006

    <GroupDescription></GroupDescription>
    Group
  • The IBM z/VM TCP/IP FTP Server must be configured to display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system and until users acknowledge the usage conditions and take explicit actions to log on for further access.

    &lt;VulnDiscussion&gt;The banner must be acknowledged by the user prior to allowing the user access to the operating system. This provides assuranc...
    Rule Medium Severity
  • SRG-OS-000024-GPOS-00007

    <GroupDescription></GroupDescription>
    Group
  • The IBM z/VM LOGO configuration file must be configured to display the Standard Mandatory DoD Notice and Consent Banner until users acknowledge the usage conditions and take explicit actions to log on for further access.

    &lt;VulnDiscussion&gt;The banner must be acknowledged by the user prior to allowing the user access to the operating system. This provides assuranc...
    Rule Medium Severity
  • SRG-OS-000032-GPOS-00013

    <GroupDescription></GroupDescription>
    Group
  • For FTP processing Z/VM TCP/IP FTP server Exit must be enabled.

    &lt;VulnDiscussion&gt;Remote access services, such as those providing remote access to network devices and information systems, which lack automate...
    Rule Medium Severity
  • SRG-OS-000033-GPOS-00014

    <GroupDescription></GroupDescription>
    Group
  • The IBM z/VM TCP/IP configuration must include an SSLSERVERID statement.

    &lt;VulnDiscussion&gt;The Secure Socket Layer (SSL) server, provides processing support for secure (encrypted) communication between remote clients...
    Rule Medium Severity
  • SRG-OS-000057-GPOS-00027

    <GroupDescription></GroupDescription>
    Group
  • CA VM:Secure product AUDIT file must be restricted to authorized personnel.

    &lt;VulnDiscussion&gt;Unauthorized disclosure of audit records can reveal system and configuration data to attackers, thus compromising its confide...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules