UCF STIG Viewer Logo

BMC IOA configuration/parameter values are not specified properly.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18014 ZIOAT040 SV-31960r1_rule Medium
Description
BMC IOA configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.
STIG Date
z/OS BMC IOA for TSS STIG 2018-09-20

Details

Check Text ( C-3616r1_chk )
Refer to the following applicable reports produced by the z/OS Data Collection:

- IOA.RPT(SECPARM)

Automated Analysis
Refer to the following report produced by the z/OS Data Collection:

- PDI(ZIOA0040)

The following keywords will have the specified values in the BMC IOA security parameter member:

Keyword Value
DEFMCHKI $$IOAEDM
SECTOLI NO
DFMI06 EXTEND
DFMI07 EXTEND
DFMI09 EXTEND
DFMI12 EXTEND
DFMI16 EXTEND
DFMI32 EXTEND
DFMI40 EXTEND
DFMI42 EXTEND
IOACLASS IOA
TSSCLAS ACIDCHK
IOATCBS YES
Fix Text (F-6682r1_fix)
The BMC IOA Systems programmer will verify that any configuration/parameters that are required to control the security of the product are properly configured and syntactically correct. Set the standard values for the BMC IOA security parameters for the specific ACP environment along with additional IOA security parameters with standard values as documented below.

Keyword Value
DEFMCHKI $$IOAEDM
SECTOLI NO
DFMI06 EXTEND
DFMI07 EXTEND
DFMI09 EXTEND
DFMI12 EXTEND
DFMI16 EXTEND
DFMI32 EXTEND
DFMI40 EXTEND
DFMI42 EXTEND
IOACLASS IOA
TSSCLAS ACIDCHK
IOATCBS YES