Check: ZAID0040
z/OS Compuware Abend-AID for RACF STIG:
ZAID0040
(in version v6 r5)
Title
Compuware Abend-AID external security options will be specified properly. (Cat II impact)
Discussion
Compuware Abend-AID offers external security interfaces that are controlled by parameters specified in FDBDPARM DD statement of the started task procedures. These interfaces provide security controls for Abend-AID. Without proper controls to ensure that security is active, the integrity of the Compuware Abend-AID System and the confidentiality of data stored on the system may be compromised.
Check Content
Refer to the contents data set specified in the FDBDPARM DD statement of the started task procedures. Automated Analysis Refer to the following report produced by the z/OS Data Collection: - PDI(ZAID0040) Ensure the following Compuware Abend-AID parameter is (are) specified in the data set specified in the FDBDPARM DD statement of the started task procedures. If the following guidance is true, this is not a finding. Parameter Value EXTERNAL_SECURITY_ENABLED YES
Fix Text
The systems programmer/IAO will ensure that the Compuware Abend-AID parameter is (are) specified. Compuware Abend-AID security interfaces are controlled by parameters coded in the data set specified in the FDBDPARM DD statement of the started task procedures. Parameter Value EXTERNAL_SECURITY_ENABLED YES
Additional Identifiers
Rule ID: SV-43205r2_rule
Vulnerability ID: V-18014
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000035 |
The information system provides the capability for privileged administrators to configure the organization-defined security policy filters to support different security policies. |
Controls
Number | Title |
---|---|
AC-4 (11) |
Configuration Of Security Policy Filters |