UCF STIG Viewer Logo

IBM z/OS Policy agent must contain a policy that manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of Denial of Service (DoS) attacks.


Finding ID Version Rule ID IA Controls Severity
V-223572 ACF2-OS-000370 SV-223572r533198_rule Medium
DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
IBM z/OS ACF2 Security Technical Implementation Guide 2022-06-22


Check Text ( C-25245r500851_chk )
Examine the Policy Agent policy statements. If it can be determined that there are policy statements that manages excess capacity, this is not a finding.
Fix Text (F-25233r500852_fix)
Develop Policy application and Policy agent to manage excess capacity.