STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:SV-223694r604139_rule
V-223694
SRG-OS-000327-GPOS-00127
RACF-ES-000470
CAT II
10
NOTE: The RACF AUDITOR attribute is required in order to specify SETROPTS OPERAUDIT and also to display the OPERAUDIT attribute with the SETROPTS LIST command.
Configure the OPERAUDIT SETROPTS value to be set to OPERAUDIT. This specifies that RACF logs all actions such as accesses to resources and commands for a user who has operations or group operations attribute.
Evaluate the impact associated with implementation of the control option. Develop a plan of action to implement the control option as specified in the example below:
The RACF Command SETR LIST will show the status of RACF Controls including a list of ATTRIBUTES.
Logging of all actions, such as accesses to resources and commands, allowed only because a user has the OPERATIONS or group-OPERATIONS attribute is activated with the command SETR OPERAUDIT.
From the ISPF Command Shell enter:
SETRopts List
If the OPERAUDIT value is listed as one of the ATTRIBUTES, this is not a finding.
If the OPERAUDIT value is not listed as one of the ATTRIBUTES, this is a finding.
V-223694
False
RACF-ES-000470
From the ISPF Command Shell enter:
SETRopts List
If the OPERAUDIT value is listed as one of the ATTRIBUTES, this is not a finding.
If the OPERAUDIT value is not listed as one of the ATTRIBUTES, this is a finding.
M
4101