UCF STIG Viewer Logo

CA-ACF2 database must be backed up on a scheduled basis.


Overview

Finding ID Version Rule ID IA Controls Severity
V-223479 ACF2-ES-000610 SV-223479r533198_rule Medium
Description
Configuring the operating system to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across DoD that reflects the most restrictive security posture consistent with operational requirements.
STIG Date
IBM z/OS ACF2 Security Technical Implementation Guide 2022-06-22

Details

Check Text ( C-25152r504549_chk )
From the ACF Command enter:
SET CONTROL(GSO)
SHOW SYSTEMS

If based on the information provided, it can be determined that the ESM database is being backed up on a regularly scheduled basis, this is not a finding.

If it cannot be determined that the ESM database is being backed up on a regularly scheduled basis, this is a finding.
Fix Text (F-25140r504550_fix)
Configure ACF2 GSO option to ensure that procedures are in place to back up all ACP files needed for recovery on a scheduled basis.

At a minimum, this means nightly backup of the ACP databases and of other critical security files (such as the ACP parameter file). More frequent backups (two or three times daily) will reduce the time necessary to effect recovery. The ISSO will verify that the backup job(s) run successfully.