STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

The IBM z/OS Policy Agent must contain a policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces.

DISA Rule

SV-223792r604139_rule

Vulnerability Number

V-223792

Group Title

SRG-OS-000420-GPOS-00186

Rule Version

RACF-OS-000360

Severity

CAT II

CCI(s)

• CCI-002385 - The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Weight

10

Fix Recommendation

Develop Policy application and policy agent to protect against or limit the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces.

Check Contents

Examine the Policy Agent policy statements.

If it can be determined that policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces, this is not a finding.

Vulnerability Number

V-223792

Documentable

False

Rule Version

RACF-OS-000360

Severity Override Guidance

Examine the Policy Agent policy statements.

If it can be determined that policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces, this is not a finding.

Check Content Reference

M

Target Key

4101

Comments