STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM WebSphere Traditional V9.x Security Technical Implementation Guide

V-255825

CAT II (Medium)

The WebSphere Application Server automatic repository checkpoints must be enabled to track configuration changes.

Rule ID

SV-255825r960765_rule

STIG

IBM WebSphere Traditional V9.x Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-000067

Discussion

Without enabling repository checkpoints, you will not be able to determine the history of changes to WebSphere configuration files, and who made those changes.

Check Content

Review System Security Plan documentation.

Identify the required "Automatic CheckPoint Depth" setting that has been defined.

From administrative console, click System administration >> Extended repository service.

If "Enable automatic repository checkpoints" is not selected or if the "automatic checkpoint depth" is less than the number of saves defined in the System Security Plan, this is a finding.

Fix Text

From administrative console click System administration >> Extended repository service >> Enable automatic repository checkpoints.

Enter a "checkpoint depth value" according to the security plan.

Restart the DMGR and all the JVMs.