STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM zVM Using CA VM:Secure Security Technical Implementation Guide

V-237944

CAT II (Medium)

The IBM z/VM JOURNALING statement must be properly configured.

Rule ID

SV-237944r859014_rule

STIG

IBM zVM Using CA VM:Secure Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-002268

Discussion

By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account.

Check Content

View system config "JOURNALING" statement.

If the "JOURNALING" statement "LOGON" operand is configured as below, this is not a finding.

Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.

Link,
Account after 3 attempts,
Disable after 3 attempts

Fix Text

Configure the system config "JOURNALING" statement to include the following:

Logon,
Account after 3 attempts,
See IBMZ-VM-000040 for LOCKOUT setting.

Link,
Account after 3 attempts,
Disable after 3 attempts