STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

The IBM z/OS Policy Agent must contain a policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring IBM z/OS is implementing rate-limiting measures on impacted network interfaces.

DISA Rule

SV-224026r561402_rule

Vulnerability Number

V-224026

Group Title

SRG-OS-000420-GPOS-00186

Rule Version

TSS0-OS-000300

Severity

CAT II

CCI(s)

• CCI-002385 - The information system protects against or limits the effects of organization-defined types of denial of service attacks by employing organization-defined security safeguards.

Weight

10

Fix Recommendation

Develop "Policy Agent" statements to protect against or limit the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces.

Check Contents

Examine the "Policy Agent" policy statements.

If it can be determined that the policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces, this is not a finding.

Vulnerability Number

V-224026

Documentable

False

Rule Version

TSS0-OS-000300

Severity Override Guidance

Examine the "Policy Agent" policy statements.

If it can be determined that the policy that protects against or limits the effects of denial-of-service (DoS) attacks by ensuring the operating system is implementing rate-limiting measures on impacted network interfaces, this is not a finding.

Check Content Reference

M

Target Key

4102

Comments