IBM z/OS ACF2 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000480-GPOS-00225
<GroupDescription></GroupDescription>Group -
CA-ACF2 must prevent the use of dictionary words for passwords.
<VulnDiscussion>If the operating system allows the user to select passwords based on dictionary words, then this increases the chances of pas...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
CA-ACF2 database must be on a separate physical volume from its backup and recovery data sets.
<VulnDiscussion>Configuring the operating system to implement organization-wide security implementation guides and security checklists ensure...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
CA-ACF2 database must be backed up on a scheduled basis.
<VulnDiscussion>Configuring the operating system to implement organization-wide security implementation guides and security checklists ensure...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
ACF2 REFRESH attribute must be restricted to security administrators' LOGON ID only.
<VulnDiscussion>Users with the refresh attribute have the ability to effect changes to ESM global system options. Unauthorized use could resu...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
ACF2 maintenance LOGONIDs must have corresponding GSO MAINT records.
<VulnDiscussion>Activity under unusual conditions can indicate hostile activity. For example, what is normal activity during business hours c...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.