The Mainframe Product must audit detected potential integrity violations.

STIG ID: SRG-APP-000484-MFP-000383  |  SRG: SRG-APP-000484 |  Severity: medium |  CCI: CCI-002723 |  Vulnerability Id: V-205597 | 

Vulnerability Discussion

Without an audit capability, an integrity violation may not be detected. Organizations select response actions based on types of software, specific software, or information for which there are potential integrity violations. The integrity verification application must have the capability to audit and it must be enabled.

Check

If the Mainframe Product has no function or capability for integrity verification, this is not applicable.

Examine installation and configuration settings.

If the Mainframe Product is not configured to audit detected potential integrity violations, this is a finding.

Fix

Configure the Mainframe Product to audit detected potential integrity violations.