An error occurred:
Close sidebar
Xylok
Home Menu
info@xylok.io
© 2026
Xylok, LLC
Version: releases-v2026.03.1 - rmfrev5
Xylok
Home Menu
info@xylok.io
© 2026
Xylok, LLC
Version: releases-v2026.03.1 - rmfrev5
Open sidebar
Navigate
Top
Search
Checks (
224
)
Print
Changes
Pages (
12/15
)
IBM z/OS RACF STIG
IBM z/OS RACF Security Technical Implementation Guide
v9 r7 (Released Jan. 5, 2026)
v9 r6 (Released Oct. 1, 2025)
v9 r5 (Released July 2, 2025)
v9 r4 (Released April 2, 2025)
v9 r3 (Released Jan. 30, 2025)
v9 r2 (Released Oct. 24, 2024)
v9 r1 (Released July 24, 2024)
v8 r14 (Released April 24, 2024)
v8 r13 (Released Jan. 24, 2024)
v8 r12 (Released July 26, 2023)
v8 r11 (Released April 27, 2023)
v8 r10 (Released Jan. 26, 2023)
v8 r9 (Released Nov. 23, 2022)
v8 r8 (Released Oct. 26, 2022)
v8 r7 (Released April 27, 2022)
v8 r6 (Released Jan. 27, 2022)
v8 r5 (Released Oct. 27, 2021)
v8 r4 (Released July 23, 2021)
v8 r3 (Released April 23, 2021)
v8 r2 (Released Jan. 22, 2021)
v8 r1 (Released Oct. 23, 2020)
v7 r3 (Released July 24, 2020)
v7 r2 (Released April 24, 2020)
v7 r1 (Released Nov. 18, 2019)
v7 r0.1 (Released April 5, 2019)
ID
Vuln ID
Title
Cat
Status
RACF-SH-000060
V-223811
IBM z/OS, for PKI-based authentication, must use the ICSF or ESM for key management.
Cat II
RACF-SL-000010
V-223812
IBM z/OS permission bits and user audit bits for HFS objects that are part of the Syslog daemon component must be properly configured.
Cat II
RACF-SL-000020
V-223813
The IBM z/OS Syslog daemon must be started at z/OS initialization.
Cat II
RACF-SL-000030
V-223814
The IBM z/OS Syslog daemon must be properly defined and secured.
Cat II
RACF-SM-000010
V-223815
IBM z/OS DFSMS Program Resources must be properly defined and protected.
Cat II
RACF-SM-000020
V-223816
IBM z/OS DFSMS control data sets must be protected in accordance with security requirements.
Cat II
RACF-SM-000030
V-223817
IBM z/OS DFSMS-related RACF classes must be active.
Cat II
RACF-SM-000040
V-223818
IBM z/OS DFSMS resources must be protected in accordance with the proper security requirements.
Cat II
RACF-SM-000050
V-223819
IBM z/OS using DFSMS must properly specify SYS(x).PARMLIB(IGDSMSxx), SMS parameter settings.
Cat II
RACF-SM-000060
V-272879
IBM z/OS DFSMS control data sets must reside on separate storage volumes
Cat II
RACF-TC-000010
V-223820
IBM z/OS PROFILE.TCPIP configuration statements for the TCP/IP stack must be coded properly.
Cat II
RACF-TC-000020
V-223821
IBM z/OS must be configured to restrict all TCP/IP ports to ports, protocols, and/or services as defined in the PPSM CAL and vulnerability assessments.
Cat II
RACF-TC-000030
V-223822
IBM z/OS permission bits and user audit bits for HFS objects that are part of the Base TCP/IP component must be properly configured.
Cat II
RACF-TC-000040
V-223823
IBM z/OS TCP/IP resources must be properly protected.
Cat II
RACF-TC-000050
V-223824
The IBM RACF SERVAUTH resource class must be active for TCP/IP resources.
Cat II
Prev
1...
8
9
10
11
12
13
14
15
Next
Print
Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Version Changes
If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.