STIGQter: STIG Summary: z/OS BMC MAINVIEW for z/OS for ACF2 STIG Version: 6 Release: 8 Benchmark Date: 27 Oct 2017:

BMC MAINVIEW for z/OS configuration/parameter values are not specified properly.

DISA Rule

SV-37806r1_rule

Vulnerability Number

V-18014

Group Title

ZB000040

Rule Version

ZMVZA040

Severity

CAT II

CCI(s)

• CCI-000035 - The information system provides the capability for privileged administrators to configure the organization-defined security policy filters to support different security policies.

Weight

10

Fix Recommendation

The BMC MAINVIEW for z/OS Systems programmer will verify that any configuration/parameters that are required to control the security of the product are properly configured and syntactically correct. Set the standard values for the BMC MAINVIEW for z/OS security parameters for the specific ACP environment along with additional IOA security parameters with standard values as documented below.

Statement(values)
ESMTYPE(AUTO|ACF2)

Check Contents

Refer to the Configuration Location dataset and member specified in the z/OS Dialog Management Procedures for BMC MAINVIEW for z/OS.

Automated Analysis
Refer to the following report produced by the z/OS Data Collection:

- PDI(ZMVZ0040)

The following keywords will have the specified values in the BMC MAINVIEW for z/OS security parameter member:

Statement(values)
ESMTYPE(AUTO|ACF2)

Vulnerability Number

V-18014

Documentable

False

Rule Version

ZMVZA040

Severity Override Guidance

Refer to the Configuration Location dataset and member specified in the z/OS Dialog Management Procedures for BMC MAINVIEW for z/OS.

Automated Analysis
Refer to the following report produced by the z/OS Data Collection:

- PDI(ZMVZ0040)

The following keywords will have the specified values in the BMC MAINVIEW for z/OS security parameter member:

Statement(values)
ESMTYPE(AUTO|ACF2)

Check Content Reference

M

Responsibility

Systems Programmer

Target Key

2093

Comments