From IBM Hardware Management Console (HMC) STIG
Part of HMC0040
Associated with IA controls: PECF-1, PRMP-2, ECLP-1, PRMP-1, PECF-2
Associated with: CCI-002227 CCI-002235
Access to the Hardware Management Console if not properly restricted to authorized personnel could lead to a bypass of security, access to the system, and an altering of the environment. This would result in a loss of secure operations and can cause an impact to data operating environment integrity.
Verify that sign-on access to the Hardware Management Console is restricted to authorize personnel and that a DD2875 is on file for each user ID. Note: Sites must have a list of valid HMC users, indicating their USER IDs, Date of DD2875, and roles and responsibilities To display user roles chose User Profiles and then select the user for modification. View Task Roles and Manager Resources Roles. If each user displayed by the System Administrator does not have a DD2875, then this is a FINDING.
The System Administrator will see that sign-on access to the Hardware Management Console is restricted to authorized personnel and that a DD2875 is on file for each user ID. Note: Sites must have a list of valid HMC users, indicating their USER IDs, Date of DD2875, and roles and responsibilities. The System Administrator must see that the list and users defined to the Hardware Management Console match.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer