zOS WebsphereMQ for RACF Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000080
Group -
WebSphere MQ Process resource profiles defined in the appropriate Class must be protected in accordance with security requirements.
WebSphere MQ Process resources allow for the control of processes. Failure to properly protect WebSphere MQ resources may result in unauthorized access. This exposure could compromise the availabil...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ Namelist resource profiles defined in the appropriate class must be protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity -
SRG-OS-000080
Group -
SRG-OS-000080
Group -
WebSphere MQ context resources defined to the appropriate ADMIN resource class must be protected in accordance with security requirements.
Context security validates whether a userid has authority to pass or set identity and/or origin data for a message. Context security will be active to avoid security exposure. This exposure could ...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ command resources defined to MQCMDS resource class are not protected in accordance with security requirements.
WebSphere MQ resources allow for the control of commands. Failure to properly protect WebSphere MQ Command resources may result in unauthorized access. This exposure could compromise the availab...Rule Medium Severity -
SRG-OS-000080
Group -
WebSphere MQ RESLEVEL resources in the appropriate ADMIN resource class must be protected in accordance with security requirements.
RESLEVEL security profiles control the number of userids checked for API-resource security. RESLEVEL is a powerful option that can cause the bypassing of all security checks. RESLEVEL security will...Rule Medium Severity -
WebSphere MQ channel security must be implemented in accordance with security requirements.
WebSphere MQ Channel security can be configured to provide authentication, message privacy, and message integrity between queue managers. Secure Sockets Layer (SSL) uses encryption techniques, digi...Rule High Severity -
WebSphere MQ switch profiles must be properly defined to the appropriate ADMIN class.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule High Severity -
WebSphere MQ Alternate User resources defined to appropriate ADMIN resource class must be protected in accordance with security requirements.
WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and namelists. Some resources provide the ability to disable or bypass security ch...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.