STIGQter: STIG Summary: z/OS ROSCOE for TSS STIG Version: 6 Release: 7 Benchmark Date: 20 Jan 2015:

Resouce Class ROSRES is not defined or active in the ACP.

DISA Rule

SV-24847r1_rule

Vulnerability Number

V-18011

Group Title

ZB000038

Rule Version

ZROST038

Severity

CAT II

CCI(s)

CCI-002358 - The information system implements a reference monitor for organization-defined access control policies that is always invoked.

Weight

Fix Recommendation

The IAO will ensure the Product resource class(es) is (are) defined in the TSS RDT. The IAO will issue one of the following commands to define the Product resource class(es):

TSS REPLACE(RDT) RESCLASS(ROSRES) -
MAXLEN(044) -
ATTR(MASK|NOMASK,DEFPROT) -
ACLST(NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000),WRITE(2000),ALL(FFFF)) -
DEFACC(READ)

TSS ADDTO(RDT) RESCLASS(ROSRES) -
RESCODE(hex-code) -
ATTR(MASK|NOMASK,DEFPROT) -
ACLST(NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000),WRITE(2000),ALL(FFFF)) -
DEFACC(READ)

Check Contents

a) Refer to the following report produced by the ACP Data Collection:

- TSSCMDS.RPT(#RDT)

b) Ensure that Product Resource Class(es) is (are) defined in the Resource Definition Table as follows:

Note: Identify all of the attributes and charactistics of the Product resource class in the TSS Resource Definition Table (delete this note).

RESOURCE CLASS = ROSRES
RESOURCE CODE = X'hex code'
ATTRIBUTE = MASK|NOMASK,MAXOWN(08),MAXPERMIT(044),ACCESS,DEFPROT
ACCESS = NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000)
ACCESS = WRITE(2000),ALL(FFFF)
DEFACC = READ

c) If all of the items in (b) are true, there is NO FINDING.

d) If any item in (b) is untrue, this is a FINDING.

Resouce Class ROSRES is not defined or active in the ACP.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments