Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The CA-ACF2 LOGONID with the REFRESH attribute must have procedures for utilization.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-97635 | ACF2-ES-000500 | SV-106739r1_rule | Medium |
| Description |
|---|
| Configuring the operating system to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across DoD that reflects the most restrictive security posture consistent with operational requirements. |
| STIG | Date |
|---|---|
| IBM z/OS ACF2 Security Technical Implementation Guide | 2020-06-29 |
Details
| Check Text ( C-96469r1_chk ) |
|---|
| From the ACF Command screen enter: SET LID LIST IF(REFRESH) If procedures exist to utilize the logonid with the REFRESH attribute to refresh ACF2 global options, this is not a finding. Example: When the ISSO determines it necessary to refresh the ACF2 global options, the ISSO will do the following: -Activate the REFRESH ID with the following setting(s): NOSUSPEND NOPSWD EXP PASSWORD(new password) -Instruct Operations to perform the REFRESH. -Deactivate the REFRESH ID with the following setting: SUSPEND If no procedures exist in accordance with the STIG requirements to utilize the logonid with the REFRESH attribute to refresh ACF2 global options, this is a finding. |
| Fix Text (F-103311r1_fix) |
|---|
| Review security procedures for defining LOGONIDs and develop documentation of requirements for the LOGONID associated with the REFRESH attribute. Example: When the ISSO determines it necessary to refresh the ACF2 global options, the ISSO will do the following: -Activate the REFRESH ID with the following setting(s): NOSUSPEND NOPSWD EXP PASSWORD(new password) -Instruct Operations to perform the REFRESH. -Deactivate the REFRESH ID with the following setting: SUSPEND |