Skip to content

II - Mission Support Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000211-MFP-000283

    <GroupDescription></GroupDescription>
    Group
  • Access to IBM Security zSecure program resources must be limited to authorized users.

    &lt;VulnDiscussion&gt;Functional access (which is controlled with access to XFACILIT profiles) must not commingle multiple functions under a single...
    Rule Medium Severity
  • SRG-APP-000340-MFP-000088

    <GroupDescription></GroupDescription>
    Group
  • zSecure must prevent nonprivileged users from executing privileged zSecure functions.

    &lt;VulnDiscussion&gt;Preventing nonprivileged users from executing privileged zSecure functions mitigates the risk that unauthorized individuals o...
    Rule Medium Severity
  • SRG-APP-000342-MFP-000090

    <GroupDescription></GroupDescription>
    Group
  • The zSecure programs CKFCOLL and CKGRACF, and the APF-authorized version of program CKRCARLA, must be restricted to security administrators, security batch jobs performing External Security Manager (ESM) maintenance, auditors, and systems programmers, and audited.

    &lt;VulnDiscussion&gt;Users authorized to use the zSecure program CKFCOLL can collect z/OS system information that is not accessible to regular use...
    Rule Medium Severity
  • SRG-APP-000379-MFP-000186

    <GroupDescription></GroupDescription>
    Group
  • IBM Security zSecure must implement organization-defined automated security responses if baseline zSecure configurations are changed in an unauthorized manner.

    &lt;VulnDiscussion&gt;Unauthorized changes to the zSecure baseline configuration could make the system vulnerable to various attacks or allow unaut...
    Rule Medium Severity
  • SRG-APP-000454-MFP-000343

    <GroupDescription></GroupDescription>
    Group
  • IBM Security zSecure must remove all upgraded/replaced zSecure software components that are no longer required for operation after updated versions have been installed.

    &lt;VulnDiscussion&gt;Previous versions of zSecure products and components that are not removed from the information system after updates have been...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules