The Mainframe Product must initiate session auditing upon startup.

STIG ID: SRG-APP-000092-MFP-000137  |  SRG: SRG-APP-000092 |  Severity: medium |  CCI: CCI-001464 |  Vulnerability Id: V-205462 | 

Vulnerability Discussion

If auditing is enabled late in the start-up process, the actions of some start-up processes may not be audited. Some audit systems also maintain state information only available if auditing is enabled before a given process is created.

Check

If the Mainframe Product has no function or capability for session operations, this is not applicable.

Examine installation and configuration settings.

Verify that session auditing is initiated at session startup. If it is not, this is a finding.

Fix

Configure the Mainframe Product to initiate session auditing upon startup.