Skip to content

III - Administrative Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-OS-000080

    <GroupDescription></GroupDescription>
    Group
  • BMC MAINVIEW for z/OS installation data sets are not properly protected.

    &lt;VulnDiscussion&gt;BMC MAINVIEW for z/OS installation data sets have the ability to use privileged functions and/or have access to sensitive dat...
    Rule Medium Severity
  • SRG-OS-000259

    <GroupDescription></GroupDescription>
    Group
  • BMC MAINVIEW for z/OS STC data sets are not properly protected.

    &lt;VulnDiscussion&gt;BMC MAINVIEW for z/OS STC data sets have the ability to use privileged functions and/or have access to sensitive data. Failur...
    Rule Medium Severity
  • SRG-OS-000018

    <GroupDescription></GroupDescription>
    Group
  • BMC MAINVIEW resources must be properly defined and protected.

    &lt;VulnDiscussion&gt;BMC MAINVIEW can run with sensitive system privileges, and potentially can circumvent system controls. Failure to properly co...
    Rule Medium Severity
  • SRG-OS-000104

    <GroupDescription></GroupDescription>
    Group
  • BMC Mainview for z/OS Started Task name is not properly identified and/or defined to the system ACP.

    &lt;VulnDiscussion&gt;BMC Mainview for z/OS requires a started task that will be restricted to certain resources, datasets and other system functio...
    Rule Medium Severity
  • SRG-OS-000104

    <GroupDescription></GroupDescription>
    Group
  • BMC Mainview for z/OS Started task(s) must be properly defined to the Started Task Table ACID for Top Secret.

    &lt;VulnDiscussion&gt;Access to product resources should be restricted to only those individuals responsible for the application connectivity and w...
    Rule Medium Severity
  • SRG-OS-000104

    <GroupDescription></GroupDescription>
    Group
  • BMC Mainview for z/OS is not properly defined to the Facility Matrix Table for Top Secret.

    &lt;VulnDiscussion&gt;Improperly defined security controls for BMC Mainview for z/OS could result in the compromise of the network, operating syste...
    Rule Medium Severity
  • SRG-OS-000309

    <GroupDescription></GroupDescription>
    Group
  • BMC Mainview for z/OS Resource Class must be defined or active in the ACP.

    &lt;VulnDiscussion&gt;Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS opera...
    Rule Medium Severity
  • SRG-OS-000018

    <GroupDescription></GroupDescription>
    Group
  • BMC MAINVIEW for z/OS configuration/parameter values are not specified properly.

    &lt;VulnDiscussion&gt;BMC MAINVIEW for z/OS configuration/parameters controls the security and operational characteristics of products. If these p...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules