STIGQter: STIG Summary: z/OS IBM CICS Transaction Server for ACF2 STIG Version: 6 Release: 6 Benchmark Date: 24 Apr 2020

ACF2/CICS parameter data sets are not protected in accordance with the proper security requirements.

DISA Rule

SV-7475r3_rule

Vulnerability Number

V-7091

Group Title

ZCICA011

Rule Version

ZCICA011

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The IAO will ensure that update and allocate access to the ACF2/CICS parameter data set is limited to system programmers and security personnel.

Review the access authorizations for CICS system data sets.

UPDATE and/or ALLOCATE access to the ACF2/CICS parameter data set, specified on the ACF2PARM DD statement, is restricted to systems programming personnel and security personnel.

Example:

$KEY(S3C)
$PREFIX(SYS3)
CICSTS.SYSIN UID(syspaudt) R(A) W(L) A(L) E(A)
CICSTS.SYSIN UID(secaaudt) R(A) W(L) A(L) E(A)
CICSTS.SYSIN UID(*) PREVENT

SET RULE
COMPILE 'ACF2.MVA.DSNRULES(S3C)' STORE

Check Contents

a) Refer to the following report produced by the ACF2 Data Collection:

- SENSITVE.RPT(CICSRPT)

Refer to the CICS Systems Programmer Worksheets filled out from previous vulnerability ZCIC0010.

b) UPDATE and/or ALLOCATE access to the ACF2/CICS parameter data set, specified on the ACF2PARM DD statement, is restricted to systems programming personnel and security personnel.

c) If all items in (b) are true, there is NO FINDING.

d) If any item in (b) is untrue, this is a FINDING.
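
Item (b) can be checked mechanically against the rule set source. The following is an added example, not part of the STIG or of any DISA or ACF2 tooling; it reads rule text in the form shown in the Fix Recommendation example and reports entries that grant WRITE or ALLOCATE to a UID string outside an approved list. Assumptions: the approved UID strings are the two from the page's example, data set names are compared exactly (masks are not expanded), each entry is judged on its own rather than by ACF2 rule ordering, and the second rule set is constructed for illustration.

```python
import re

# Entry permissions as abbreviated in the page's example: R(ead), W(rite),
# A(llocate), E(xecute); values A = allow, L = allow and log, P = prevent.
# A permission not listed on an entry is treated as prevented.
PERM = re.compile(r"\b([RWAE])\(([ALP])\)")
UID = re.compile(r"\bUID\(([^)]*)\)")
HLQ = re.compile(r"\$(KEY|PREFIX)\((\w+)\)")

def parse_rule_set(text):
    """Return (high-level qualifier, entries) from access rule source text."""
    control, entries = {}, []
    for line in map(str.strip, text.splitlines()):
        m = HLQ.match(line)
        if m:
            control[m.group(1)] = m.group(2)
            continue
        m = UID.search(line)
        if m:  # lines without UID(...) (SET RULE, COMPILE) are not entries
            entries.append({"dsn": line.split()[0], "uid": m.group(1),
                            "perms": dict(PERM.findall(line[m.end():]))})
    return control.get("PREFIX", control.get("KEY")), entries

def findings(text, dataset, approved_uids):
    """Entries granting WRITE or ALLOCATE on dataset to an unapproved UID."""
    hlq, entries = parse_rule_set(text)
    out = []
    for e in entries:
        if f"{hlq}.{e['dsn']}" != dataset:
            continue  # assumption: exact names only, dsn masks not expanded
        grants = [p for p in "WA" if e["perms"].get(p, "P") in "AL"]
        if grants and e["uid"] not in approved_uids:
            out.append((e["uid"], grants))
    return out

APPROVED = {"syspaudt", "secaaudt"}  # UID strings from the page's example
PAGE_EXAMPLE = """\
$KEY(S3C)
$PREFIX(SYS3)
CICSTS.SYSIN UID(syspaudt) R(A) W(L) A(L) E(A)
CICSTS.SYSIN UID(secaaudt) R(A) W(L) A(L) E(A)
CICSTS.SYSIN UID(*) PREVENT
"""
# Constructed non-compliant variant: two extra entries, not from the page.
CONSTRUCTED_BAD = PAGE_EXAMPLE.replace(
    "CICSTS.SYSIN UID(*) PREVENT",
    "CICSTS.SYSIN UID(appdev01) R(A) W(A)\nCICSTS.SYSIN UID(*) R(A) A(L)")

if __name__ == "__main__":
    for name, rules in (("page", PAGE_EXAMPLE), ("constructed", CONSTRUCTED_BAD)):
        print(name, findings(rules, "SYS3.CICSTS.SYSIN", APPROVED) or "NO FINDING")
```

An empty result corresponds to (c) NO FINDING for the rule text supplied; any returned entry is a candidate FINDING under (d) and still needs review against the site's actual personnel UID strings.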

Documentable

False

Severity Override Guidance

a) Refer to the following report produced by the ACF2 Data Collection:

- SENSITVE.RPT(CICSRPT)

Refer to the CICS Systems Programmer Worksheets filled out from previous vulnerability ZCIC0010.

b) UPDATE and/or ALLOCATE access to the ACF2/CICS parameter data set, specified on the ACF2PARM DD statement, is restricted to systems programming personnel and security personnel.

c) If all items in (b) are true, there is NO FINDING.

d) If any item in (b) is untrue, this is a FINDING.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

198

Comments