IBM zSecure Suite Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000133-MFP-000192
Group -
Access to IBM Security zSecure installation data sets must be properly restricted and logged.
If the zSecure application were to allow any user to make changes to software libraries, those changes might be implemented without undergoing the appropriate testing and approvals that are part of...Rule Medium Severity -
SRG-APP-000133-MFP-000193
Group -
Access to IBM Security zSecure STC data sets must be properly restricted and logged.
IBM Security zSecure STC have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict access to these zSecure STC data sets could result in violat...Rule Medium Severity -
SRG-APP-000133-MFP-000194
Group -
SRG-APP-000148-MFP-000206
Group -
Started tasks for IBM Security zSecure products must be properly defined.
Started tasks and batch job IDs can be automatically revoked accidentally if not properly protected. When properly protected STCs prevent any attempts to log on with a password, it eliminates the p...Rule Medium Severity -
SRG-APP-000211-MFP-000283
Group -
Access to IBM Security zSecure program resources must be limited to authorized users.
Functional access (which is controlled with access to XFACILIT profiles) must not commingle multiple functions under a single resource profile.Rule Medium Severity -
SRG-APP-000340-MFP-000088
Group -
SRG-APP-000342-MFP-000090
Group -
SRG-APP-000379-MFP-000186
Group -
IBM Security zSecure must implement organization-defined automated security responses if baseline zSecure configurations are changed in an unauthorized manner.
Unauthorized changes to the zSecure baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the system. Changes to information system configuratio...Rule Medium Severity -
SRG-APP-000454-MFP-000343
Group -
IBM Security zSecure must remove all upgraded/replaced zSecure software components that are no longer required for operation after updated versions have been installed.
Previous versions of zSecure products and components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology ...Rule Medium Severity -
SRG-APP-000456-MFP-000345
Group -
IBM Security zSecure system administrators must install security-relevant zSecure software updates within the time period directed by an authoritative source (e.g., IAVMs, CTOs, DTMs, and STIGs).
Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (incl...Rule Medium Severity -
SRG-APP-000516-MFP-000195
Group -
Access to IBM Security zSecure user data sets must be properly restricted and logged.
If zSecure were to allow inappropriate reading or updating of user data sets, sensitive information could be disclosed, or changes might result in incorrect results reported by the product. Only qu...Rule Medium Severity -
IBM Security zSecure must prevent nonprivileged users from executing privileged zSecure functions.
Preventing nonprivileged users from executing privileged zSecure functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges. P...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.