UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

BMC CONTROL-O configuration/parameter values are not specified properly.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18014 ZCTO0040 SV-32004r1_rule ECCD-1 ECCD-2 Medium
Description
BMC CONTROL-O configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.
STIG Date
z/OS BMC CONTROL-O for RACF STIG 2015-06-22

Details

Check Text ( C-6188r1_chk )
Refer to the following applicable reports produced by the z/OS Data Collection:

- IOA.RPT(SECPARM)

Automated Analysis
Refer to the following report produced by the z/OS Data Collection:

- PDI(ZCTO0040)

The following keywords will have the specified values in the BMC CONTROL-O security parameter member:

Keyword Value
DEFMCHKO $$CTOEDM
SECTOLO NO
DFMO01 EXTEND
DFMO02 EXTEND
DFMO03 EXTEND
DFMO04 EXTEND
DFMO08 EXTEND
DFMO10 PROD (new for 6.3.xx)
DFMO15 EXTEND
Fix Text (F-299r1_fix)
The BMC CONTROL-O Systems programmer will verify that any configuration/parameters that are required to control the security of the product are properly configured and syntactically correct. Set the standard values for the BMC CONTROL-O security parameters for the specific ACP environment along with additional IOA security parameters with standard values as documented below.

Keyword Value
DEFMCHKO $$CTOEDM
SECTOLO NO
DFMO01 EXTEND
DFMO02 EXTEND
DFMO03 EXTEND
DFMO04 EXTEND
DFMO08 EXTEND
DFMO10 PROD (new for 6.3.xx)
DFMO15 EXTEND