STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

The IBM z/OS TCPIP.DATA configuration statement must contain the DOMAINORIGIN or DOMAIN specified for each TCP/IP defined.

DISA Rule

SV-224063r561402_rule

Vulnerability Number

V-224063

Group Title

SRG-OS-000402-GPOS-00181

Rule Version

TSS0-TC-000080

Severity

CAT II

CCI(s)

• CCI-002468 - The information system performs data origin verification authentication on the name/address resolution responses the system receives from authoritative sources.

Weight

10

Fix Recommendation

Configure the TCPIP.DATA file to include the DOMAINORIGIN/DOMAIN (The DOMAIN statement is functionally equivalent to the DOMAINORIGIN Statement).

Check Contents

Refer to the Data configuration file specified on the SYSTCPD DD statement in the TCPIP started task JCL.

If the DOMAINORIGIN/DOMAIN (The DOMAIN statement is functionally equivalent to the DOMAINORIGIN Statement) is specified in the TCP/IP Data configuration file, this is not a finding.

Vulnerability Number

V-224063

Documentable

False

Rule Version

TSS0-TC-000080

Severity Override Guidance

Refer to the Data configuration file specified on the SYSTCPD DD statement in the TCPIP started task JCL.

If the DOMAINORIGIN/DOMAIN (The DOMAIN statement is functionally equivalent to the DOMAINORIGIN Statement) is specified in the TCP/IP Data configuration file, this is not a finding.

Check Content Reference

M

Target Key

4102

Comments