Title

The IBM z/OS Policy Agent must contain a policy that manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks. (Cat II impact)

Discussion

DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.

Check Content

Examine the Policy Agent policy statements. If it can be determined that there are policy statements that manages excess capacity, this is not a finding.

Fix Text

Develop Policy application and Policy agent to manage excess capacity.

Additional Identifiers

Rule ID: SV-224011r877852_rule

Vulnerability ID: V-224011

Group Title: SRG-OS-000142-GPOS-00071

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.