IBM z/OS ACF2 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000063-GPOS-00032
<GroupDescription></GroupDescription>Group -
IBM z/OS SYS1.PARMLIB must be properly protected.
<VulnDiscussion>To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-ap...Rule High Severity -
SRG-OS-000364-GPOS-00151
<GroupDescription></GroupDescription>Group -
CA-ACF2 must be installed, functional, and properly configured.
<VulnDiscussion>Failure to provide logical access restrictions associated with changes to system configuration may have significant effects o...Rule High Severity -
SRG-OS-000080-GPOS-00048
<GroupDescription></GroupDescription>Group -
CA-ACF2 must limit Write and allocate access to the JES2 System data sets (e.g., Spool, Checkpoint, and Initialization parameters) to system programmers only.
<VulnDiscussion>To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DoD-ap...Rule Medium Severity -
SRG-OS-000080-GPOS-00048
<GroupDescription></GroupDescription>Group -
CA-ACF2 must limit Write or greater access to libraries that contain PPT modules to system programmers only.
<VulnDiscussion>If the operating system were to allow any user to make changes to software libraries, then those changes might be implemented...Rule Low Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
IBM z/OS procedures must restrict ACF2 LOGONIDs with the READALL attribute to auditors and/or authorized users.
<VulnDiscussion>The use of security policy filters provides protection for the confidentiality of data by restricting the flow of data. A cru...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.