STIGQter: STIG Summary: IBM z/OS ACF2 Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

CA-ACF2 database must be backed up on a scheduled basis.

DISA Rule

SV-223479r533198_rule

Vulnerability Number

V-223479

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

ACF2-ES-000610

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure ACF2 GSO option to ensure that procedures are in place to back up all ACP files needed for recovery on a scheduled basis.

At a minimum, this means nightly backup of the ACP databases and of other critical security files (such as the ACP parameter file). More frequent backups (two or three times daily) will reduce the time necessary to effect recovery. The ISSO will verify that the backup job(s) run successfully.

Check Contents

From the ACF Command enter:
SET CONTROL(GSO)
SHOW SYSTEMS

If based on the information provided, it can be determined that the ESM database is being backed up on a regularly scheduled basis, this is not a finding.

If it cannot be determined that the ESM database is being backed up on a regularly scheduled basis, this is a finding.

Vulnerability Number

V-223479

Documentable

False

Rule Version

ACF2-ES-000610

Severity Override Guidance

From the ACF Command enter:
SET CONTROL(GSO)
SHOW SYSTEMS

If based on the information provided, it can be determined that the ESM database is being backed up on a regularly scheduled basis, this is not a finding.

If it cannot be determined that the ESM database is being backed up on a regularly scheduled basis, this is a finding.

Check Content Reference

M

Target Key

4100

Comments