Check: RACF-OS-000360
      
      
        
  IBM z/OS RACF STIG:
  RACF-OS-000360
  
    (in versions v9 r5 through v7 r1)
  
      
      
    
  Title
The IBM z/OS Policy Agent must contain a policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces. (Cat II impact)
Discussion
DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
Check Content
Examine the Policy Agent policy statements. If it can be determined that policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces, this is not a finding.
Fix Text
Develop Policy application and policy agent to protect against or limit the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces.
Additional Identifiers
Rule ID: SV-223792r958902_rule
Vulnerability ID: V-223792
Group Title: SRG-OS-000420-GPOS-00186
Expert Comments
      
        
        
      
      
        
  CCIs
      
      
        
        
      
    
  | Number | Definition | 
|---|---|
| CCI-002385 | Protect against or limit the effects of organization-defined types of denial-of-service events. | 
      
        
        
      
      
        
  Controls
      
      
        
        
      
    
  | Number | Title | 
|---|---|
| SC-5 | Denial-of-service Protection |