STIGQter: STIG Summary: z/OS RACF STIG Version: 6 Release: 43 Benchmark Date: 24 Jan 2020: The CMDVIOL SETROPTS value is not set to CMDVIOL.

DISA Rule

SV-257r2_rule

Vulnerability Number

V-257

Group Title

RACF0280

Rule Version

RACF0280

Severity

CAT II

CCI(s)

CCI-002723 - The information system, upon detection of a potential integrity violation, provides the capability to audit the event.
CCI-002724 - The information system, upon detection of a potential integrity violation, initiates one or more of the following actions: generates an audit record; alerts the current user; alerts organization-defined personnel or roles; and/or organization-defined other actions.

Weight

Fix Recommendation

The IAO will ensure that CMDVIOL SETROPTS value is active and set to log RACF commands violations.

Evaluate the impact associated with implementation of the control option. Develop a plan of action to implement the control option as specified in the example below:

The RACF Command SETR LIST will show the status of RACF Controls including a list of ATTRIBUTES.

(1) Command Violation Logging is activated with the command SETR CMDVIOL.

Check Contents

a) Refer to the following report produced by the RACF Data Collection:

- RACFCMDS.RPT(SETROPTS)

Automated Analysis
Refer to the following report produced by the RACF Data Collection:

- PDI(RACF0280)

b) If the CMDVIOL value is listed as one of the ATTRIBUTES, there is NO FINDING.

c) If the CMDVIOL value is not listed as one of the ATTRIBUTES, this is a FINDING.

STIGQter: STIG Summary: z/OS RACF STIG Version: 6 Release: 43 Benchmark Date: 24 Jan 2020: The CMDVIOL SETROPTS value is not set to CMDVIOL.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments