From z/OS ACF2 STIG
Part of ZCICA022
Associated with IA controls: DCCS-1, ECCD-2, DCCS-2, ECCD-1
Associated with: CCI-000366
The CICS SIT is used to define system operation and configuration parameters of a CICS system. Several of these parameters control the security within a CICS region. Failure to code the appropriate values could result in unexpected operations and degraded security. This exposure may result in unauthorized access impacting the confidentiality, integrity, and availability of the CICS region, applications, and customer data.
a) Refer to the following report produced by the z/OS Data Collection: - EXAM.RPT(CICSPROC) Refer to the CICS Systems Programmer Worksheets filled out from previous vulnerability ZCIC0010. b) Ensure every CICS region on the system has the ACF2PARM DD statement in the CICS startup JCL. c) If the item in (b) is true for each CICS region, there is NO FINDING. d) If the item in (b) is untrue for a CICS region, this is a FINDING.
The IAO will ensure that each CICS region procedure has the ACF2/CICS parameter dataset specified. Ensure every CICS region on the system has the ACF2PARM DD statement in the CICS startup JCL. View the started task proc for each CICS region in SYS3.PROCLIB using ISPF.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer