From z/OS RACF STIG
Part of RACF0530
Associated with IA controls: DCCS-1, DCCS-2
SECLEVELAUDIT specifies the SECLABEL profiles auditing options are used in addition to the auditing options specified for the resource profile. This additional auditing occurs whenever an attempt is made to access a resource protected by a profile that has a security label specified.
a) Refer to the following report produced by the RACF Data Collection: - RACFCMDS.RPT(SETROPTS) Automated Analysis Refer to the following report produced by the RACF Data Collection: - PDI(RACF0530) b) If the SECLEVELAUDIT is INACTIVE, there is NO FINDING. c) If the SECLEVELAUDIT is ACTIVE, this is a FINDING.
Evaluate the impact associated with implementation of the control option. Develop a plan of action to implement the control option as specified in the example below: NOTE that in order to set or list the SECLEVELAUDIT value, the RACF AUDITOR attribute is required. Reference the documentation for the SETROPTS command in the RACF Command Language Reference. The RACF Command SETR LIST will show the status of RACF Controls including the value for the SECLEVELAUDIT Option. (1) SECLEVELAUDIT is inactivated and set to the required value by issuing the command SETR NOSECLEVELAUDIT.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer