Rule ID
SV-224249r1141540_rule
Version
V7R2
CCIs
BMC IOA configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.
Refer to the following applicable reports produced by the z/OS Data Collection: - IOA.RPT(SECPARM). Automated Analysis Refer to the following report produced by the z/OS Data Collection: - PDI(ZIOA0040). The following keywords will have the specified values in the BMC IOA security parameter member. This is not a finding. Keyword Value DEFMCHKI $$IOAEDM SECTOLI NO DFMI06 EXTEND DFMI07 EXTEND DFMI09 EXTEND DFMI12 EXTEND DFMI16 EXTEND DFMI32 EXTEND DFMI40 EXTEND DFMI42 EXTEND IOACLASS IOAFAC SAFSCLAS SURROGAT IOATCBS YES
The BMC IOA Systems programmer will verify that any configuration/parameters that are required to control the security of the product are properly configured and syntactically correct. Set the standard values for the BMC IOA security parameters for the specific Access Control Program (ACP) environment along with additional IOA security parameters with standard values as documented below. Keyword Value DEFMCHKI $$IOAEDM SECTOLI NO DFMI06 EXTEND DFMI07 EXTEND DFMI09 EXTEND DFMI12 EXTEND DFMI16 EXTEND DFMI32 EXTEND DFMI40 EXTEND DFMI42 EXTEND IOACLASS IOAFAC SAFSCLAS SURROGAT IOATCBS YES