Check: ACF2-OS-000370
IBM z/OS ACF2 STIG:
ACF2-OS-000370
(in versions v9 r2 through v7 r1)
Title
IBM z/OS Policy agent must contain a policy that manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of Denial of Service (DoS) attacks. (Cat II impact)
Discussion
DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
Check Content
Examine the Policy Agent policy statements. If it can be determined that there are policy statements that manages excess capacity, this is not a finding.
Fix Text
Develop Policy application and Policy agent to manage excess capacity.
Additional Identifiers
Rule ID: SV-223572r958528_rule
Vulnerability ID: V-223572
Group Title: SRG-OS-000142-GPOS-00071
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001095 |
Manage capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service attacks. |
Controls
Number | Title |
---|---|
SC-5(2) |
Excess Capacity / Bandwidth / Redundancy |