STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to CA IDMS Security Technical Implementation Guide

V-251598

CAT III (Low)

IDMS must protect against the use web services that do not require a sign on when actions are performed that may be audited.

Rule ID

SV-251598r960864_rule

STIG

CA IDMS Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-000166

Discussion

IDMS web services provide a way for web-based applications to access an IDMS database. If not secured, the Web services interface could be used to reveal or change sensitive data.

Check Content

On the IDMS CV system where CA IDMS Web Services executes, enter "WEBC" to check Web Services configuration.

If "REQUIRE SIGNON = NO", this is a finding.

Fix Text

On the IDMS CV system where CA IDMS Web Services executes, enter "WEBC REQUIRE SIGNON=YES".