NIST Checklist Logo
NIST Security Configuration Checklists Repository
BETA
Browse Repository by
   Product Category
   Vendor
   Submitting
Organization

Our Sponsor
white space white space

VMS 800-53 Generic

Name VMS 800-53 Generic
Version 1.1
Status Final
Creation Date 1-Mar-2005
Revision Date 21-Mar-2005
Product Category Operating System
Vendor HP, Compaq or Digital (depending on version)
Product OpenVMS
Product Version OpenVMS (any version from 4.2 - 8.2)
Product Role Any normal VMS system use, such as web server, process control, money wire transfer, cellphone billing, medical clinical data, patient records, satellite control, database server, insurance, point of sale processing, stock trading, banking, radar control, scientific research, lottery operations and software development.
Checklist Summary This checklist is based on a set of commands used with the product LJK/Security to assess the security control compliance with NIST Special Publication 800-53 "Recommended Security Controls for Federal Information Systems", published February 28, 2005, on a VMS (OpenVMS) system. Discussion (preceded by an exclamation point on the line) has been added to make this list useful to those who are not using the LJK/Security product but want to test a VMS system against SP 800-53.
Known Issues Any checksums provided in the checklist are applicable to the version of VMS as released. Files replaced by VMS patches will necessarily have a different checksum.
Target Audience Someone fully trained in VMS System Management and use of VMS tools.
Note that according to NIST SP 800-53 AC-05, Separation of Duties, this should _not_ be the same individual who has operational responsibility for the system being tested.
Target Operational Environment Enterprise or High Security.
Checklist Installation Tools None.
Rollback Capability  
Testing Information  
NIAP/CMVP Status  
Regulatory Compliance  
Comments, Warnings, Disclaimer, Miscellaneous
  
Disclaimer Suggestions in this checklist may be appropriate for some VMS environment, but might not be appropriate for yours.
Product Support Controls suggested for alteration by this checklist are supported for customer alteration by the vendor of VMS.
Submitting Organization/Authors LJK Software
Point of Contact NIST_CHECKLIST-LJK_SOFTWARE@sneakemail.com
Sponsor None.
Licensing The LJK/Security product is licensed software, but using this checklist without that product is free to all.
Checklist Homepage http://www.ljk.com/ljk/checklists.htm
Download Package http://www.ljk.com/ljk/
CHECK_NIST_SP_800_53.COM
Integrity sha1 (CHECK_NIST_SP_800_53.COM) =
0e72a29007da5a15fbb024ee04fd91f27ba5e69a

sha256 (CHECK_NIST_SP_800_53.COM) =
f82412fb9343e9ef6c9167b89f3804028485188ea
90f42878f2f12bd65c1439b
Change History

21-Mar-2005 V1.1

1-Mar-2005 Initial version following 28-Feb-2005 release of SP 800-53
Dependency/Requirement None.
References OpenVMS Guide to System Security
NIST Identifier 1024


NIST and the checklist submitter do not guarantee or warrant the checklist's accuracy or completeness. NIST is not responsible for loss, damage, or problems that may be caused by using the checklist.

Last updated: March 15, 2006
Page created: October 28, 2004
Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to checklists@nist.gov
NIST is an Agency of the U.S. Commerce Department's Technology Administration