STIGQter STIGQter: STIG Summary: z/OS NetView for TSS STIG Version: 6 Release: 8 Benchmark Date: 22 Jul 2016:

NetView Started Task name(s) is not properly identified / defined to the system ACP.

DISA Rule

SV-28615r1_rule

Vulnerability Number

V-17452

Group Title

ZB000030

Rule Version

ZNETT030

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The Systems Programmer and IAO will ensure that the started task(s) for NetView is properly defined.

Define the started task userid CNMPROC and CNMPSSI for NetView.

Example:

TSS CRE(CNMPROC) DEPT(Dept) NAME('NetView') -
FAC(STC) MASTFAC(NETVIEW) PASSWORD(password,0) -
SOURCE(INTRDR)
TSS CRE(CNMPSSI) DEPT(Dept) NAME('NetView') -
FAC(STC) PASSWORD(password,0) -
SOURCE(INTRDR)

Check Contents

a) Refer to the following reports produced by the TSS Data Collection:

- TSSCMDS.RPT(@ACIDS)

b) Review the NetView STC/Batch ACID(s) for the following:

___ Is defined as CNMPROC for the ACID.

___ Is defined as CNMPSSI for the ACID.

___ Both are defined with Facility of STC and/or BATCH.

___ CNMPROC is defined with Master Facility of NETVIEW.

___ Both are sourced to the INTRDR.

c) If all of the above are true, there is NO FINDING.

d) If any of the above is untrue, this is a FINDING.

Vulnerability Number

V-17452

Documentable

False

Rule Version

ZNETT030

Severity Override Guidance

a) Refer to the following reports produced by the TSS Data Collection:

- TSSCMDS.RPT(@ACIDS)

b) Review the NetView STC/Batch ACID(s) for the following:

___ Is defined as CNMPROC for the ACID.

___ Is defined as CNMPSSI for the ACID.

___ Both are defined with Facility of STC and/or BATCH.

___ CNMPROC is defined with Master Facility of NETVIEW.

___ Both are sourced to the INTRDR.

c) If all of the above are true, there is NO FINDING.

d) If any of the above is untrue, this is a FINDING.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

1859

Comments