The Mainframe Product must perform an integrity check of information as defined in site security plan at startup, at transitional states as defined in site security plan or security-relevant events, or annually.

STIG ID: SRG-APP-000477-MFP-000376  |  SRG: SRG-APP-000477 |  Severity: medium |  CCI: CCI-002712 |  Vulnerability Id: V-205595 | 

Vulnerability Discussion

Unauthorized changes to information can occur due to errors or malicious activity (e.g., tampering). Information includes metadata, such as security attributes associated with information. State-of-the-practice integrity-checking mechanisms (e.g., parity checks, cyclical redundancy checks, cryptographic hashes) and associated tools can automatically monitor the integrity of information systems and hosted applications.

Security-relevant events include, for example, the identification of a new threat to which organizational information systems are susceptible and the installation of new hardware, software, or firmware. Transitional states include, for example, system startup, restart, shutdown, and abort.

This requirement applies to integrity verification tools that are used to detect unauthorized changes to organization-defined information.

Check

If the Mainframe Product has no function or capability for integrity verification, this is not applicable.

Examine installation and configuration settings.

If the Mainframe Product is not configured to perform an integrity check of information as defined in site security plan at startup, at transitional states as defined in site security plan or security-relevant events, or annually, this is a finding.

Fix

Configure the Mainframe Product to perform integrity check of inform as defined in site security plan at startup, at transitional states as defined in site security plan or security-relevant events, or annually.