Details
The sysmon_group parameter defines the operating system groups with system monitor (SYSMON) authority. It is recommended that the sysmon_group group contains authorized users only.
If an account that possesses this authority is compromised or used in a malicious manner, the confidentiality, integrity, and availability of data in the DB2 instance will be at increase risk.
Solution
Define a valid group name for the SYSMON group.
1. Attach to the DB2 database.
db2 => attach to $DB2INSTANCE
2. Run the following command from the DB2 command window:
db2 => update database manager configuration using sysmon_group
Default Value:
The default value for SYSMON_GROUP is NULL.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.