STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS FTP Control cards must be properly stored in a secure PDS file.

DISA Rule

SV-223977r561402_rule

Vulnerability Number

V-223977

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

TSS0-FT-000050

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-000202 - The organization ensures unencrypted static authenticators are not embedded in access scripts.

Weight

10

Fix Recommendation

Make sure that the FTP control Cards for each FTP are stored in a secure PDS and that they are not placed in the JCL libraries or in the in-stream JCL for each FTP.

Check Contents

Ask the System administrator fora list(s) of the locations for all FTP Control cards within a given application/AIS, ensuring no FTP control cards are within in-stream JCL, JCL libraries or any open access data sets.

If access to PDS files where FTP Control cards are stored are not restricted to appropriate personnel this is a finding.

Vulnerability Number

V-223977

Documentable

False

Rule Version

TSS0-FT-000050

Severity Override Guidance

Ask the System administrator fora list(s) of the locations for all FTP Control cards within a given application/AIS, ensuring no FTP control cards are within in-stream JCL, JCL libraries or any open access data sets.

If access to PDS files where FTP Control cards are stored are not restricted to appropriate personnel this is a finding.

Check Content Reference

M

Target Key

4102

Comments