STIGQter: STIG Summary: z/OS BMC MAINVIEW for z/OS for TSS STIG Version: 6 Release: 7 Benchmark Date: 20 Jan 2015:

BMC Mainview for z/OS Resource Class must be defined or active in the ACP.

DISA Rule

SV-33846r2_rule

Vulnerability Number

V-18011

Group Title

ZB000038

Rule Version

ZMVZT038

Severity

CAT II

CCI(s)

CCI-000336 - The organization, after the information system is changed, checks the security functions to verify the functions are operating as intended.
CCI-002358 - The information system implements a reference monitor for organization-defined access control policies that is always invoked.

Weight

Fix Recommendation

The IAO will ensure the BMC Mainview for z/OS resource class(es) is (are) defined in the TSS RDT.

(Note: The RESCLASS and/or RESCODE identified below are examples of a possible installation. The actual RESCLASS and/or RESCODE values are determined when the product is actually installed on a system through the product’s installation guide and can be site specific.)

Use the following commands as an example:

TSS ADDTO(RDT) RESCLASS(BMCVIEW) -
RESCODE(3B) DEFACC(READ) -
ATTR(MASK|NOMASK,DEFPROT,LONG,GENERIC) -
ACLST(NONE,READ,UPDATE,ALL)

Check Contents

Refer to the following report produced by the ACP Data Collection:

- TSSCMDS.RPT(#RDT)

If the BMC Mainview for z/OS Resource Class(es) is (are) defined in the Resource Definition Table (RDT) as follows, this is not a finding.

RESOURCE CLASS = class
RESOURCE CODE = X'hex code'
ATTRIBUTE = MASK|NOMASK,MAXOWN(08),MAXPERMIT(044),ACCESS,DEFPROT
ACCESS = NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000)
ACCESS = WRITE(2000),ALL(FFFF)
DEFACC = READ

BMC Mainview for z/OS Resource Class must be defined or active in the ACP.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments