III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000096-GPOS-00050
<GroupDescription></GroupDescription>Group -
All IBM z/VM TCP/IP Ports must be restricted to ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments.
<VulnDiscussion>In order to prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e....Rule Medium Severity -
SRG-OS-000118-GPOS-00060
<GroupDescription></GroupDescription>Group -
The IBM z/VM Security Manager must provide a procedure to disable userIDs after 35 days of inactivity.
<VulnDiscussion>Inactive identifiers pose a risk to systems and applications because attackers may exploit an inactive identifier and potenti...Rule Medium Severity -
SRG-OS-000120-GPOS-00061
<GroupDescription></GroupDescription>Group -
The IBM z/VM TCP/IP VMSSL command operands must be configured properly.
<VulnDiscussion>VMSSL services are initiated using the VMSSL command defined in the DTCPARMS file. Unapproved mechanisms that are used for au...Rule High Severity -
SRG-OS-000121-GPOS-00062
<GroupDescription></GroupDescription>Group -
The IBM z/VM TCP/IP ANONYMOU statement must not be coded in FTP configuration.
<VulnDiscussion>Operating systems utilizing encryption are required to use FIPS-compliant mechanisms for authenticating to cryptographic modu...Rule Medium Severity -
SRG-OS-000132-GPOS-00067
<GroupDescription></GroupDescription>Group -
CA VM:Secure product ADMIN GLOBALS command must be restricted to systems programming personnel.
<VulnDiscussion>Operating system management functionality includes functions necessary for administration and requires privileged user access...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.