STIGQter: STIG Summary: z/OS TDMF for TSS STIG Version: 6 Release: 4 Benchmark Date: 20 Jan 2015:

Transparent Data Migration Facility (TDMF) configuration/parameter/option values are not specified properly.

DISA Rule

SV-24802r1_rule

Vulnerability Number

V-18014

Group Title

ZB000040

Rule Version

ZTDM0040

Severity

CAT II

CCI(s)

CCI-000035 - The information system provides the capability for privileged administrators to configure the organization-defined security policy filters to support different security policies.

Weight

Fix Recommendation

The product systems programmer will verify that any configuration / parameters that are required to control the security of the product are properly configured and syntactically correct.

See the required parameters below:

Parameter Options:
VOLUME SECURITY = YES
CHECK TARGET EMPTY = YES

Session Options:
Volume Security is not available.
CHECKTarget|CHKTarget

NOTE: The IAO will ensure that volume resource protection is define to the ACP and access to volumes be given to the approiate personnel.

Check Contents

a) Have the the products system programmer display the configuration/parameters control statements used in the current runing product to define or enable security.

b) Verify the following specifications:

Parameter Options:
VOLUME SECURITY = YES
CHECK TARGET EMPTY = YES

Session Options:
Volume Security is not available.
CHECKTarget|CHKTarget

c) If (b) above is true, there is NO FINDING.

d) If (b) above is untrue, this is a FINDING

Transparent Data Migration Facility (TDMF) configuration/parameter/option values are not specified properly.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments