From z/OS TSS STIG
Part of ZSMS0022
Associated with IA controls: DCCS-1, COTR-1, ECCD-2, DCCS-2, ECCD-1
DFSMS control data sets provide the configuration and operational characteristics of the system-managed storage environment. Failure to properly protect these data sets may result in unauthorized access. This exposure could compromise the availability and integrity of some system services and customer data.
a) Review the logical parmlib data sets, example: SYS1.PARMLIB(IGDSMSxx), to identify the fully qualified file names for the following SMS data sets: Active Control Data Set (ACDS) Communications Data Set (COMMDS) Automated Analysis Refer to the following report produced by the Data Set and Resource Data Collection: - PDI(ZSMS0022) b) If the COMMDS and ACDS SMS data sets identified in (a) above reside on different volumes, there is NO FINDING. c) If the COMMDS and ACDS SMS data sets identified in (a) above are collocated on the same volume, this is a FINDING.
The systems programmer will see that the primary and backup SMS Control data sets are allocated on separate volumes. (a) Source Control Data Set (SCDS) contains a SMS configuration, which defines a storage management policy. (b) Active Control Data Set (ACDS) contains a copy of the most recently activated configuration. All systems in a SMS complex use this configuration to manage storage. (c) Communications Data Set (COMMDS) contains the name of the ACDS containing the currently active storage management policy, the current utilization statistics for each system managed volume, and other system information. (2) The ACDS data set will reside on a different volume than the COMMDS data set. Allocate backup copies of the ADCS and COMMDS data sets on a different shared volume from the primary ACDS and COMMDS data sets.
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer