IBM z/OS ACF2 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
IBM z/OS LOGONIDs with the AUDIT or CONSULT attribute must be properly scoped.
<VulnDiscussion>The use of security policy filters provides protection for the confidentiality of data by restricting the flow of data. A cru...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
IBM z/OS LOGONID with the ACCTPRIV attribute must be restricted to the ISSO.
<VulnDiscussion>The use of security policy filters provides protection for the confidentiality of data by restricting the flow of data. A cru...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
IBM z/OS batch jobs with restricted ACF2 LOGONIDs must have the PGM(xxxxxxxx) and SUBAUTH attributes or the SOURCE(xxxxxxxx) attribute assigned to the corresponding LOGONIDs.
<VulnDiscussion>Activity under unusual conditions can indicate hostile activity. For example, what is normal activity during business hours c...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
CA-ACF2 RULEOPTS GSO record values must be set to the values specified.
<VulnDiscussion>Configuring the operating system to implement organization-wide security implementation guides and security checklists ensure...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The CA-ACF2 GSO OPTS record value must be properly specified.
<VulnDiscussion>Configuring the operating system to implement organization-wide security implementation guides and security checklists ensure...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.