An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2026
Xylok, LLC
Version: releases-v2026.03.1 - rmfrev5
Xylok
Home Menu
info@xylok.io
© 2026
Xylok, LLC
Version: releases-v2026.03.1 - rmfrev5
Open sidebar
Navigate
Top
Search
Checks (
224
)
Print
Changes
Pages (
10/15
)
IBM z/OS RACF STIG
IBM z/OS RACF Security Technical Implementation Guide
v9 r7 (Released Jan. 5, 2026)
v9 r6 (Released Oct. 1, 2025)
v9 r5 (Released July 2, 2025)
v9 r4 (Released April 2, 2025)
v9 r3 (Released Jan. 30, 2025)
v9 r2 (Released Oct. 24, 2024)
v9 r1 (Released July 24, 2024)
v8 r14 (Released April 24, 2024)
v8 r13 (Released Jan. 24, 2024)
v8 r12 (Released July 26, 2023)
v8 r11 (Released April 27, 2023)
v8 r10 (Released Jan. 26, 2023)
v8 r9 (Released Nov. 23, 2022)
v8 r8 (Released Oct. 26, 2022)
v8 r7 (Released April 27, 2022)
v8 r6 (Released Jan. 27, 2022)
v8 r5 (Released Oct. 27, 2021)
v8 r4 (Released July 23, 2021)
v8 r3 (Released April 23, 2021)
v8 r2 (Released Jan. 22, 2021)
v8 r1 (Released Oct. 23, 2020)
v7 r3 (Released July 24, 2020)
v7 r2 (Released April 24, 2020)
v7 r1 (Released Nov. 18, 2019)
v7 r0.1 (Released April 5, 2019)
ID
Vuln ID
Title
Cat
Status
RACF-OS-000190
V-223775
IBM z/OS Time Protocol must be properly configured.
Cat II
RACF-OS-000200
V-223776
IBM z/OS PARMLIB CLOCKxx must have the Accuracy PARM properly coded.
Cat II
RACF-OS-000210
V-223777
IBM RACF must define UACC of NONE on all profiles.
Cat I
RACF-OS-000220
V-223778
IBM z/OS PASSWORD data set and OS passwords must not be used.
Cat II
RACF-OS-000240
V-223780
The IBM z/OS Policy Agent must employ a deny-all, allow-by-exception firewall policy for allowing connections to other systems.
Cat II
RACF-OS-000250
V-223781
Unsupported system software must not be installed and/ or active on the system.
Cat I
RACF-OS-000260
V-223782
IBM z/OS must not allow nonexistent or inaccessible LINKLIST libraries.
Cat II
RACF-OS-000270
V-223783
IBM z/OS must not allow nonexistent or inaccessible Link Pack Area (LPA) libraries.
Cat II
RACF-OS-000280
V-223784
IBM z/OS must not have inaccessible APF libraries defined.
Cat II
RACF-OS-000290
V-223785
IBM zOS inapplicable PPT entries must be invalidated.
Cat II
RACF-OS-000300
V-223786
IBM z/OS LNKAUTH=APFTAB must be specified in the IEASYSxx member(s) in the currently active parmlib data set(s).
Cat II
RACF-OS-000310
V-223787
IBM z/OS must not have duplicated sensitive utilities and/or programs existing in APF libraries.
Cat III
RACF-OS-000320
V-223788
The IBM z/OS systems requiring data-at-rest protection must properly employ IBM DS8880 or equivalent hardware solutions for full disk encryption.
Cat I
RACF-OS-000350
V-251107
IBM z/OS sensitive and critical system data sets must not exist on shared DASDs.
Cat II
RACF-OS-000360
V-223792
The IBM z/OS Policy Agent must contain a policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces.
Cat II
Prev
1...
6
7
8
9
10
11
12
13
14
...15
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.