Skip to content
Log In

III - Administrative Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000340-MFP-000088

    Group
    Show

  • IBM Security zSecure must prevent nonprivileged users from executing privileged zSecure functions.

    Preventing nonprivileged users from executing privileged zSecure functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges. P...
    Rule Medium Severity
    Show

  • SRG-APP-000342-MFP-000090

    Group
    Show

  • The IBM Security zSecure programs CKFCOLL and CKGRACF, and the APF-authorized version of program CKRCARLA, must be restricted to security administrators, security batch jobs performing External Security Manager (ESM) maintenance, auditors, and systems programmers, and must be audited.

    Users authorized to use the zSecure program CKFCOLL can collect z/OS system information that is not accessible to regular users. Users authorized to use the zSecure program CKGRACF can change cer...
    Rule Medium Severity
    Show

  • SRG-APP-000379-MFP-000186

    Group
    Show

  • IBM Security zSecure must implement organization-defined automated security responses if baseline zSecure configurations are changed in an unauthorized manner.

    Unauthorized changes to the zSecure baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the system. Changes to information system configuratio...
    Rule Medium Severity
    Show

  • SRG-APP-000454-MFP-000343

    Group
    Show

  • IBM Security zSecure must remove all upgraded/replaced zSecure software components that are no longer required for operation after updated versions have been installed.

    Previous versions of zSecure products and components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology ...
    Rule Medium Severity
    Show

  • SRG-APP-000456-MFP-000345

    Group
    Show

  • IBM Security zSecure system administrators must install security-relevant zSecure software updates within the time period directed by an authoritative source (e.g., IAVMs, CTOs, DTMs, and STIGs).

    Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (incl...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules