z/OS CA 1 Tape Management for ACF2 Security Technical Implementation Guide

Overview

Version	Date	Finding Count (9)			Downloads
7	2024-12-16	CAT I (High): 0	CAT II (Medium): 9	CAT III (Low): 0	Excel ↓JSON ↓XML ↓

STIG Description

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Classified	Public	Sensitive
I - Mission Critical Classified	I - Mission Critical Public	I - Mission Critical Sensitive
II - Mission Support Classified	II - Mission Support Public	II - Mission Support Sensitive
III - Administrative Classified	III - Administrative Public	III - Administrative Sensitive

Findings - All

Finding ID	Title	Description
V-224256	CA 1 Tape Management system password will be changed from the default.	CA 1 Tape Management default system password is common with all CA 1 systems. With this password, CA 1 tape processing can be deactivated. This could ...
V-224257	CA 1 Tape Management user exits, when in use, must be reviewed and/or approved.	CA-1 Tape Management user exits, TMSUXnA and TMSUXnS, provide the capability to bypass or modify existing ACP controls. A review and evaluation of exi...
V-224258	CA 1 Tape Management installation data sets must be properly protected.	CA 1 Tape Management installation data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly res...
V-224259	CA-1 Tape Management STC data sets must be properly protected.	CA-1 Tape Management STC data sets have the ability to use privileged functions and/or have access to sensitive data. Failure to properly restrict acc...
V-224260	CA 1 Tape Management TMC, AUDIT and optional RDS and VPD data sets will be properly protected.	CA 1 Tape Management TMC and AUDIT and optional data sets control the operations and access to the tape management system, and site specific informati...
V-224261	CA 1 Tape Management command resources must be properly defined and protected.	CA 1 Tape Management can run with sensitive system privileges, and potentially can circumvent system controls. Failure to properly control access to p...
V-224262	CA 1 Tape Management function and password resources must be properly defined and protected.	CA 1 Tape Management can run with sensitive system privileges, and potentially can circumvent system controls. Failure to properly control access to p...
V-224263	CA 1 Tape Management Started Task name will be properly identified and/or defined to the system ACP.	CA 1 Tape Management requires a started task that will be restricted to certain resources, datasets and other system functions. By defining the starte...
V-224264	CA 1 Tape Management external security options must be specified properly.	CA 1 Tape Management offers multiple external security interfaces that are controlled by parameters specified in TMOOPT00. These interfaces provide se...