IBM Hardware Management Console (HMC) Policies Security Technical Implementation Guide

Description

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: [email protected].

Details

Version / Release: V2R1

Published: 2023-03-20

Updated At: 2023-05-04 00:34:37

Compare/View Releases

Select any two versions of this STIG to compare the individual requirements

Select any old version/release of this STIG to view the previous requirements

Actions

Download

Filter

Findings
Severity Open Not Reviewed Not Applicable Not a Finding
Overall 0 0 0 0
Low 0 0 0 0
Medium 0 0 0 0
High 0 0 0 0
Drop CKL or SCAP (XCCDF) results here.

    Vuln Rule Version CCI Severity Title Description Status Finding Details Comments
    SV-256853r890905_rule HMCP0010 CCI-000366 LOW Initial Program Load (IPL) Procedures must exists for each partition defined to the system. If procedures for performing IPLs are not in place, it is extremely difficult to ensure overall operating system integrity.
    SV-256854r890908_rule HMCP0110 CCI-000366 LOW Power On Reset (POR) Procedures must be documented for each system. If procedures for performing PORs are not in place, it is extremely difficult to ensure overall operating system integrity
    SV-256855r890911_rule HMCP0120 CCI-000366 LOW System shutdown procedures documentation must exist for each partition defined to the system. If procedures for performing system shutdowns are not in place, it is extremely difficult to ensure overall data and operating system integrity.
    SV-256856r890914_rule HMCP0130 CCI-000366 MEDIUM Backup of critical data for the HMC and its components must be documented and tracked If procedures for performing backup and recovery of critical data for the HMC is not in place, system recoverability may be jeopardized and overall security compromised.