STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS must employ a session manager to manage retaining a users session lock until that user reestablishes access using established identification and authentication procedures.

DISA Rule

SV-224029r561402_rule

Vulnerability Number

V-224029

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

TSS0-OS-000330

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure any Session Manager in use to retain a user's session lock until that user reestablishes access using established identification and authentication procedures.

Check Contents

Verify the any Session Manager in use retains a user's session lock until that user reestablishes access using established identification and authentication procedures.

If it does not, this is a finding.

Vulnerability Number

V-224029

Documentable

False

Rule Version

TSS0-OS-000330

Severity Override Guidance

Verify the any Session Manager in use retains a user's session lock until that user reestablishes access using established identification and authentication procedures.

If it does not, this is a finding.

Check Content Reference

M

Target Key

4102

Comments