STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

The IBM RACF database must be on a separate physical volume from its backup and recovery datasets.

DISA Rule

SV-223710r604139_rule

Vulnerability Number

V-223710

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

RACF-ES-000630

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Identify the ACP database(s), backup database(s), and recovery data set(s). Develop a plan to keep these data sets on different physical volumes. Implement the movement of these critical ACP files.

Check Contents

Execute the RACDST report from DSMON Utility using 'RACF PRIMARY' and 'RACF BACKUP' as selection criteria.

If the security database and its backup exist on the same volume, this is a finding.

Vulnerability Number

V-223710

Documentable

False

Rule Version

RACF-ES-000630

Severity Override Guidance

Execute the RACDST report from DSMON Utility using 'RACF PRIMARY' and 'RACF BACKUP' as selection criteria.

If the security database and its backup exist on the same volume, this is a finding.

Check Content Reference

Target Key

4101

The IBM RACF database must be on a separate physical volume from its backup and recovery datasets.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments