IBM z/OS Policy agent must contain a policy that manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of Denial of Service (DoS) attacks.
DISA Rule
SV-223572r533198_rule
Vulnerability Number
V-223572
Group Title
SRG-OS-000142-GPOS-00071
Rule Version
ACF2-OS-000370
Severity
CAT II
CCI(s)
- CCI-001095 - The information system manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial of service attacks.
Weight
10
Fix Recommendation
Develop Policy application and Policy agent to manage excess capacity.
Check Contents
Examine the Policy Agent policy statements. If it can be determined that there are policy statements that manages excess capacity, this is not a finding.
Vulnerability Number
V-223572
Documentable
False
Rule Version
ACF2-OS-000370
Severity Override Guidance
Examine the Policy Agent policy statements. If it can be determined that there are policy statements that manages excess capacity, this is not a finding.
Check Content Reference
M
Target Key
4100
Comments