STIGQter: STIG Summary: z/OS ACF2 STIG Version: 6 Release: 43 Benchmark Date: 24 Jan 2020: The PPGM GSO record value must indicate protected programs that are only executed by privileged users.

DISA Rule

SV-143r3_rule

Vulnerability Number

V-143

Group Title

ACF0380

Rule Version

ACF0380

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The IAO will ensure that the PPGM GSO value indicates protected programs that are only executed by privileged users.

Check the SENSITIVE UTILITY CONTROLS Table in the z/OS STIG Addendum.

Define protected programs that can only be executed by privileged users.

PGM-MASK(pgm-mask1,...,pgm-mask255)

Example:

SET C(GSO)
INSERT PPGM PGM-MASK(<program name or generic equivalent>)

F ACF2,REFRESH(PPGM)

Check Contents

a) Refer to the following report produced by the ACF2 Data Collection:

- ACF2CMDS.RPT(ACFGSO)

Automated Analysis requires Additional Analysis.
Refer to the following report produced by the ACF2 Data Collection:

- PDI(ACF0380)

b) Compare the GSO PPGM record values with the programs:

Check the SENSITIVE UTILITY CONTROLS Table, which is located in the z/OS Addendum.

c) If all applicable programs or their generic equivalent referenced in (b) above are represented by GSO PPGM record values, there is NO FINDING.

d) If any applicable program referenced in (b) above is not represented by a GSO PPGM record value, this is a FINDING.

Documentable

False

Severity Override Guidance

a) Refer to the following report produced by the ACF2 Data Collection:

- ACF2CMDS.RPT(ACFGSO)

Automated Analysis requires Additional Analysis.
Refer to the following report produced by the ACF2 Data Collection:

- PDI(ACF0380)

b) Compare the GSO PPGM record values with the programs:

Check the SENSITIVE UTILITY CONTROLS Table, which is located in the z/OS Addendum.

c) If all applicable programs or their generic equivalent referenced in (b) above are represented by GSO PPGM record values, there is NO FINDING.

d) If any applicable program referenced in (b) above is not represented by a GSO PPGM record value, this is a FINDING.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

198

Comments