From z/OS ACF2 STIG
Part of ACP00180
Associated with IA controls: DCCS-1, ECCD-2, DCCS-2, ECAR-3, ECAR-2, ECCD-1, ECAR-1
SMF data collection is the system activity journaling facility of the z/OS system. With the proper parameter designations it serves as the basis to ensure individual user accountability. SMF data is the primary source for cost charge back in DISA. Unauthorized access could result in the compromise of logging and recording of the operating system environment, ACP, and customer data.
a) Refer to the following report produced by the Data Set and Resource Data Collection: - SENSITVE.RPT(SMFXRPT) Automated Analysis Refer to the following report produced by the Data Set and Resource Data Collection: - PDI(ACP00180) ___ The ACP data set rules for the SMF data collection files (e.g., SYS1.MAN*) allow inappropriate access. ___ The ACP data set rules for the SMF data collection files (e.g., SYS1.MAN*) do not restrict ALTER access to only z/OS systems programming personnel. ___ The ACP data set rules for the SMF data collection files (e.g., SYS1.MAN*) do not restrict UPDATE access to z/OS systems programming personnel, and/or batch jobs that perform SMF dump processing. ___ The ACP data set rules for SMF data collection files (e.g., SYS1.MAN*) do not specify that all (i.e., failures and successes) UPDATE and/or ALTER access will be logged. b) If all of the above are untrue, there is NO FINDING. c) If any of the above is true, this is a FINDING.
Evaluate the impact of correcting the deficiency. Develop a plan of action and implement the changes as required to protect modification or deletion of SMF collection files. The IAO will ensure that allocate/alter authority to SMF collection files is limited to only systems programming staff and and/or batch jobs that perform SMF dump processing and ensure the accesses are being logged.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer