UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

z/OS IBM CICS Transaction Server for ACF2 Security Technical Implementation Guide


Overview

Date Finding Count (12)
2022-10-06 CAT I (High): 0 CAT II (Med): 12 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Public)

Finding ID Severity Title
V-224303 Medium Sensitive CICS transactions are not protected in accordance with security requirements.
V-224302 Medium CICS system data sets are not properly protected.
V-224313 Medium Sensitive CICS transactions are not protected in accordance with the proper security requirements.
V-224312 Medium Sensitive CICS transactions are not protected in accordance with the proper security requirements.
V-224311 Medium Key ACF2/CICS parameters must be properly coded.
V-224310 Medium CICS startup JCL statement is not specified in accordance with the proper security requirements.
V-224304 Medium CICS System Initialization Table (SIT) parameter values must be specified in accordance with proper security requirements.
V-224305 Medium CICS region logonid(s) must be defined and/or controlled in accordance with the security requirements.
V-224306 Medium CICS default logonid(s) must be defined and/or controlled in accordance with the security requirements.
V-224307 Medium CICS logonid(s) must be configured with proper timeout and signon limits.
V-224308 Medium ACF2/CICS parameter data sets are not protected in accordance with the proper security requirements.
V-224309 Medium IBM CICS Transaction Server SPI command resources must be properly defined and protected.