Detections
Analytics
AIX7-00-001048 - AIX must protect the confidentiality and integrity of all information at rest.
Information
Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive and tape drive, when used for backups) within an operating system.This requirement addresses protection of user-generated data, as well as operating system-specific configuration data. Organizations may choose to employ different mechanisms to achieve confidentiality and integrity protections, as appropriate, in accordance with the security category and/or classification of the information.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Install 'clic.rte' fileset if it is not installed using command:# installp -aXYqg -d /dev/cd0 clic.rte
Run the follow command to initialize and enable EFS on the system:
# efsenable -a
To create a new EFS-enabled JFS2 file system and mount the file system, using the following commands:
# crfs -v jfs2 -g rootvg -m /fs2 -a size=100M -a efs=yes
# mount /fs2
To enable EFS on a JFS2 file system (like, /fs3), run the following command:
chfs -a efs=yes /fs3
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V3R1_STIG.zip
Item Details
Audit Name: DISA STIG AIX 7.x v3r1
Category: SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|SC-28, CAT|II, CCI|CCI-001199, Rule-ID|SV-215207r958552_rule, STIG-ID|AIX7-00-001048, STIG-Legacy|SV-101547, STIG-Legacy|V-91449, Vuln-ID|V-215207
Plugin: Unix
Control ID: fa7bbd2313a843f123ac852b82cb7425b6b4663ee958df4b3b8a64e15548d823