STIGQter: STIG Summary: z/OS CL/SuperSession for TSS STIG Version: 6 Release: 10 Benchmark Date: 27 Apr 2018:

CL/SuperSession's Resouce Class is not defined or active in the ACP.

DISA Rule

SV-27190r1_rule

Vulnerability Number

V-18011

Group Title

ZB000038

Rule Version

ZCLST038

Severity

CAT II

CCI(s)

CCI-000336 - The organization, after the information system is changed, checks the security functions to verify the functions are operating as intended.
CCI-002358 - The information system implements a reference monitor for organization-defined access control policies that is always invoked.

Weight

Fix Recommendation

Add the resource KLS to the TOP SECRET RDT using the following TSS command example:

TSS ADD(RDT) RESCLASS(KLS) RESCODE(xx)

(where xx is an unused hex value)

Check Contents

a) Refer to the following report produced by the TSS Data Collection:

- TSSCMDS.RPT(#RDT)

b) If the resource class of KLS is defined, there is NO FINDING.

c) If the resource class of KLS is not defined, this is a FINDING.

Vulnerability Number

V-18011

Documentable

False

Rule Version

ZCLST038

Severity Override Guidance

Check Content Reference

Responsibility

Information Assurance Manager

Target Key

1857

CL/SuperSession's Resouce Class is not defined or active in the ACP.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments