Check: ZCTMA040
z/OS BMC CONTROL-M for ACF2 STIG:
ZCTMA040
(in versions v6 r10 through v6 r6)
Title
BMC CONTROL-M configuration/parameter values must be specified properly. (Cat II impact)
Discussion
BMC CONTROL-M configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.
Check Content
Refer to the following applicable reports produced by the z/OS Data Collection: - IOA.RPT(SECPARM) Automated Analysis Refer to the following report produced by the z/OS Data Collection: - PDI(ZCTM0040) The following keywords will have the specified values in the BMC CONTROL-M security parameter member: Keyword Value DEFMCHKM $$CTMEDM SECTOLM NO DFMM01 EXTEND DFMM02 EXTEND DFMM08 EXTEND SAFJCARD U MSUBCHK NO
Fix Text
Configure the standard values for the BMC CONTROL-M security parameters for the specific ACP environment along with additional IOA security parameters with standard values as documented below. Keyword Value DEFMCHKM $$CTMEDM SECTOLM NO DFMM01 EXTEND DFMM02 EXTEND DFMM08 EXTEND SAFJCARD U MSUBCHK NO
Additional Identifiers
Rule ID: SV-224120r518739_rule
Vulnerability ID: V-224120
Group Title: SRG-OS-000080
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000035 |
The information system provides the capability for privileged administrators to configure the organization-defined security policy filters to support different security policies. |
CCI-000213 |
The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |