STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM z/OS must shut down the information system, restart the information system, and/or notify the system administrator when anomalies in the operation of any security functions are discovered.

DISA Rule

SV-223804r604139_rule

Vulnerability Number

V-223804

Group Title

SRG-OS-000447-GPOS-00201

Rule Version

RACF-OS-000500

Severity

CAT II

CCI(s)

• CCI-002702 - The information system shuts the information system down, restarts the information system, and/or initiates organization-defined alternative action(s) when anomalies in the operation of the organization-defined security functions are discovered.

Weight

10

Fix Recommendation

Develop a procedure to shut down the information system, restart the information system, and/or notify the system administrator when anomalies occur.

Check Contents

Ask the system administrator for the procedure to shut down the information system, restart the information system, and/or notify the system administrator when anomalies occur.

If a procedure does not exist, this is a finding.

If the procedure does not properly shut down the information system, restart the information system, and/or notify the system administrator when anomalies occur, this is a finding.

Vulnerability Number

V-223804

Documentable

False

Rule Version

RACF-OS-000500

Severity Override Guidance

Ask the system administrator for the procedure to shut down the information system, restart the information system, and/or notify the system administrator when anomalies occur.

If a procedure does not exist, this is a finding.

If the procedure does not properly shut down the information system, restart the information system, and/or notify the system administrator when anomalies occur, this is a finding.

Check Content Reference

M

Target Key

4101

Comments