STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to CA IDMS Security Technical Implementation Guide

V-251598

CAT III (Low)

IDMS must protect against the use web services that do not require a sign on when actions are performed that may be audited.

Rule ID

SV-251598r960864_rule

STIG

CA IDMS Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-000166

Discussion

IDMS web services provide a way for web-based applications to access an IDMS database. If not secured, the Web services interface could be used to reveal or change sensitive data.

Check Content

On the IDMS CV system where CA IDMS Web Services executes, enter "WEBC" to check Web Services configuration.

If "REQUIRE SIGNON = NO", this is a finding.

Fix Text

On the IDMS CV system where CA IDMS Web Services executes, enter "WEBC REQUIRE SIGNON=YES".