UCF STIG Viewer Logo

ACF2 APPLDEF GSO record if used must have supporting documentation indicating the reason it was used.


Overview

Finding ID Version Rule ID IA Controls Severity
V-223488 ACF2-ES-000700 SV-223488r533198_rule Low
Description
Failure to restrict network connectivity only to authorized systems permits inbound connections from malicious systems. It also permits outbound connections that may facilitate exfiltration of DoD data.
STIG Date
IBM z/OS ACF2 Security Technical Implementation Guide 2022-06-22

Details

Check Text ( C-25161r504570_chk )
From the ACF Command screen enter:
SET CONTROL(GSO)
LIST LIKE(APPLDEF-)

If the GSO APPLDEF record does not exist, this is not a finding.

If the GSO APPLDEF record does exist and no supporting documentation is available, this is a finding.
Fix Text (F-25149r504571_fix)
For any APPLDEF GSO record used, it must have supporting documentation indicating the reason it was used.

The APPLDEF record is optional.