IBM z/OS FTP Control cards must be properly stored in a secure PDS file.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-223977 | TSS0-FT-000050 | SV-223977r991589_rule | CCI-000202 | medium |
| Description | ||||
| Configuration settings are the set of parameters that can be changed in hardware, software, or firmware components of the system that affect the security posture and/or functionality of the system. Security-related parameters are those parameters impacting the security state of the system, including the parameters required to satisfy other security control requirements. Security-related parameters include, for example: registry settings; account, file, directory permission settings; and settings for functions, ports, protocols, services, and remote connections. | ||||
| STIG | Date | |||
| IBM z/OS TSS Security Technical Implementation Guide | 2025-06-24 | |||
Details
Check Text (C-223977r991589_chk)
Ask the System administrator fora list(s) of the locations for all FTP Control cards within a given application/AIS, ensuring no FTP control cards are within in-stream JCL, JCL libraries or any open access data sets.
If access to PDS files where FTP Control cards are stored are not restricted to appropriate personnel this is a finding.
Fix Text (F-25638r516331_fix)
Make sure that the FTP control Cards for each FTP are stored in a secure PDS and that they are not placed in the JCL libraries or in the in-stream JCL for each FTP.