Navigate

Check: ACF0720

zOS ACF2 STIG: ACF0720 (in versions v6 r43 through v6 r30)

Title

LOGONIDS with the REFRESH attribute must have the SUSPEND attribute specified. (Cat III impact)

Discussion

Unauthorized users may be able to effect changes to ACP global system options. This could result in the compromise of the confidentiality, integrity, and availability of the operating system, ACP, or customer data.

Check Content

Refer to the following report produced by the ACF2 Data Collection: - ACF2CMDS.RPT(ATTREFSH) Automated Analysis Refer to the following report produced by the ACF2 Data Collection: - PDI(ACF0720) Ensure that emergency logonids with the REFRESH attribute are in SUSPEND status.

Fix Text

The IAO will ensure that logonids with the REFRESH attribute are in SUSPEND status unless actually in use. The emergency logonids with the REFRESH attribute will be in SUSPEND status unless actually in use. Example: SET LID CHANGE logonid SUSPEND

Additional Identifiers

Rule ID: SV-169r2_rule

Vulnerability ID: V-169

Group Title: ACF0720

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-002145	The information system enforces organization-defined circumstances and/or usage conditions for organization-defined information system accounts.
CCI-002277	The information system provides authorized individuals (or processes acting on behalf of individuals) the capability to define the value of associated security attributes.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-2 (11)	Usage Conditions
AC-16 (2)	Attribute Value Changes By Authorized Individuals