STIGQter: STIG Summary: z/OS TADz for TSS STIG Version: 6 Release: 6 Benchmark Date: 22 Apr 2016:

Tivoli Asset Discovery for z/OS (TADz) Started Task name(s) must be properly identified / defined to the system ACP.

DISA Rule

SV-28555r2_rule

Vulnerability Number

V-17452

Group Title

ZB000030

Rule Version

ZTADT030

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

The TADz Systems Programmer and ISSO will ensure that the started task(s) for TADz is properly defined.

Define the started task for TADz.

Example:

TSS CRE(TADZMON) DEPT(Dept) NAME('TADz STC') -
FAC(STC) PASSWORD(password,0) -
SOURCE(INTRDR)

Check Contents

Refer to the following reports produced by the TSS Data Collection:

- TSSCMDS.RPT(@ACIDS)

Review each TADz STC/Batch ACID(s) for the following:

___ Is defined with Facility of STC and/or BATCH.

___ Is sourced to the INTRDR.

If all of the above are true, there is NO FINDING.

If any of the above is untrue, this is a FINDING.

Vulnerability Number

V-17452

Documentable

False

Rule Version

ZTADT030

Severity Override Guidance

Refer to the following reports produced by the TSS Data Collection:

- TSSCMDS.RPT(@ACIDS)

Review each TADz STC/Batch ACID(s) for the following:

___ Is defined with Facility of STC and/or BATCH.

___ Is sourced to the INTRDR.

If all of the above are true, there is NO FINDING.

If any of the above is untrue, this is a FINDING.

Check Content Reference

M

Responsibility

Systems Programmer

Target Key

1858

Comments