An active log is not available to keep track of all hardware upgrades and software changes made to the FEP (Front End Processor).

From z/OS RACF STIG

Part of ZFEP0014

Associated with IA controls: DCCS-1, DCCS-2

Associated with: CCI-000318

SV-7198r2_rule An active log is not available to keep track of all hardware upgrades and software changes made to the FEP (Front End Processor).

Vulnerability discussion

If components of the FEPs are not properly protected they can be stolen, damaged, or disturbed. Without adequate physical security, unauthorized users can access the control panel, the operator console, and the diskette drive of the service subsystem. Therefore, they can interfere with the normal operations of the FEPs. Improper control of FEP components could compromise network operations.

Check content

a) Review site documentation to validate that procedures are in place to protect the FEP service subsystem and diskette drive: - All documents and procedures that apply to FEP operations including network management, FEP initialization, IPL, shutdown, NCP dumping, backup, and recovery. b) If a log is in place to keep track of all hardware upgrades and software changes, there is NO FINDING. c) If no log is in place to keep track of all hardware upgrades and software changes, this is a FINDING.

Fix text

The systems programmer will see that a a log of all hardware and software upgrades/changes has been created for auditing purposes and problem tracking. All changes and upgrades will be logged.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer