An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.12.2 - rmfrev5
Xylok
Home Menu
info@xylok.io
© 2025
Xylok, LLC
Version: releases-v2025.12.2 - rmfrev5
Open sidebar
Navigate
Top
Search
Checks (
226
)
Print
Changes
Pages (
13/16
)
IBM z/OS ACF2 STIG
IBM z/OS ACF2 Security Technical Implementation Guide
v9 r6 (Released Oct. 1, 2025)
v9 r5 (Released July 2, 2025)
v9 r4 (Released April 2, 2025)
v9 r3 (Released Jan. 30, 2025)
v9 r2 (Released Oct. 24, 2024)
v9 r1 (Released July 24, 2024)
v8 r15 (Released April 24, 2024)
v8 r14 (Released Jan. 24, 2024)
v8 r13 (Released Oct. 25, 2023)
v8 r12 (Released July 26, 2023)
v8 r11 (Released April 27, 2023)
v8 r10 (Released Jan. 23, 2023)
v8 r9 (Released Nov. 23, 2022)
v8 r8 (Released Oct. 26, 2022)
v8 r7 (Released July 27, 2022)
v8 r6 (Released April 27, 2022)
v8 r5 (Released Jan. 27, 2022)
v8 r4 (Released Oct. 27, 2021)
v8 r3 (Released July 23, 2021)
v8 r2 (Released April 23, 2021)
v8 r1 (Released Oct. 23, 2020)
v7 r3 (Released July 24, 2020)
v7 r2 (Released April 24, 2020)
v7 r1 (Released Nov. 18, 2019)
v7 r0.1 (Released April 5, 2019)
ID
Vuln ID
Title
Cat
Status
ACF2-SM-000070
V-272873
IBM z/OS DFSMS control data sets must reside on separate storage volumes.
Cat II
ACF2-TC-000010
V-223599
IBM z/OS PROFILE.TCPIP configuration statements for the TCP/IP stack must be coded properly.
Cat II
ACF2-TC-000020
V-223600
IBM z//OS must be configured to restrict all TCP/IP ports to ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.
Cat II
ACF2-TC-000030
V-223601
IBM z/OS TCP/IP resources must be properly protected.
Cat II
ACF2-TC-000040
V-223602
IBM z/OS permission bits and user audit bits for HFS objects that are part of the Base TCP/IP component must be configured properly.
Cat II
ACF2-TC-000050
V-223603
IBM z/OS data sets for the Base TCP/IP component must be properly protected.
Cat II
ACF2-TC-000060
V-223604
IBM z/OS Configuration files for the TCP/IP stack must be properly specified.
Cat II
ACF2-TC-000070
V-223605
IBM z/OS Started tasks for the Base TCP/IP component must be defined in accordance with security requirements.
Cat II
ACF2-TC-000090
V-245535
IBM z/OS TCPIP.DATA configuration statement must contain the DOMAINORIGIN or DOMAIN specified for each TCP/IP defined.
Cat II
ACF2-TC-000100
V-252547
IBM z/OS TCP/IP AT-TLS policy must be properly configured in Policy Agent.
Cat II
ACF2-TN-000010
V-223608
IBM z/OS PROFILE.TCPIP configuration INACTIVITY statement must be configured to 900 seconds.
Cat II
ACF2-TN-000020
V-223609
IBM z/OS SMF recording options for the TN3270 Telnet Server must be properly specified.
Cat II
ACF2-TN-000030
V-223610
IBM z/OS SSL encryption options for the TN3270 Telnet Server must be specified properly for each statement that defines a SECUREPORT or within the TELNETGLOBALS.
Cat II
ACF2-TN-000040
V-223611
IBM z/OS TN3270 Telnet Server configuration statement MSG10 text must have the Standard Mandatory DoD Notice and Consent Banner.
Cat II
ACF2-TN-000060
V-223613
IBM z/OS VTAM session setup controls for the TN3270 Telnet Server must be properly specified.
Cat II
Prev
1...
9
10
11
12
13
14
15
16
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.