STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

CA-TSS DOWN Control Option values must be properly specified.

DISA Rule

SV-223956r561402_rule

Vulnerability Number

V-223956

Group Title

SRG-OS-000184-GPOS-00078

Rule Version

TSS0-ES-000830

Severity

CAT II

CCI(s)

• CCI-001190 - The information system fails to an organization-defined known-state for organization-defined types of failures.

Weight

10

Fix Recommendation

Evaluate the impact associated with implementation of the control option. Develop a plan of action to implement the control option setting as specified below and proceed with the change.

Setting if ONLY systems personnel are defined in SYS1.UADS: DOWN(BW,SB,TN,OW)

Setting if any non-systems personnel are defined in SYS1.UADS: DOWN(BW,SB,TW,OW)

Check Contents

From the ISPF Command Shell enter:
TSS MODIFY STATUS

If only systems personnel are defined in SYS1.UADS and the DOWN Control Option values are set to DOWN(BW,SB,TN,OW), this is not a finding.

If non-systems personnel are defined in SYS1.UADS and the DOWN Control Option values are set to DOWN(BW,SB,TW,OW), this is not a finding.

Vulnerability Number

V-223956

Documentable

False

Rule Version

TSS0-ES-000830

Severity Override Guidance

From the ISPF Command Shell enter:
TSS MODIFY STATUS

If only systems personnel are defined in SYS1.UADS and the DOWN Control Option values are set to DOWN(BW,SB,TN,OW), this is not a finding.

If non-systems personnel are defined in SYS1.UADS and the DOWN Control Option values are set to DOWN(BW,SB,TW,OW), this is not a finding.

Check Content Reference

M

Target Key

4102

Comments