Skip to content

III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • HLP0010

    <GroupDescription></GroupDescription>
    Group
  • Unauthorized partitions must not exist on the system complex.

    &lt;VulnDiscussion&gt;The running of unauthorized Logical Partitions (LPARs) could allow a “Trojan horse” version of the operating environment to b...
    Rule Medium Severity
  • HLP0020

    <GroupDescription></GroupDescription>
    Group
  • On Classified Systems, Logical Partition must be restricted with read/write access to only its own IOCDS.

    &lt;VulnDiscussion&gt;Unrestricted control over the IOCDS files could result in unauthorized updates and impact the configuration of the environmen...
    Rule Medium Severity
  • HLP0030

    <GroupDescription></GroupDescription>
    Group
  • Processor Resource/Systems Manager (PR/SM) must not allow unrestricted issuing of control program commands.

    &lt;VulnDiscussion&gt;Unrestricted control over the issuing of system commands by a Logical Partition could result in unauthorized data access and ...
    Rule Medium Severity
  • HLP0040

    <GroupDescription></GroupDescription>
    Group
  • Classified Logical Partition (LPAR) channel paths must be restricted.

    &lt;VulnDiscussion&gt;Restricted LPAR channel paths are necessary to ensure data integrity. Unrestricted LPAR channel path access could result in a...
    Rule High Severity
  • HLP0050

    <GroupDescription></GroupDescription>
    Group
  • On Classified Systems the Processor Resource/Systems Manager (PR/SM) must not allow access to system complex data.

    &lt;VulnDiscussion&gt;Allowing unrestricted access to all Logical Partition data could result in the possibility of unauthorized access and updatin...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules