STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM z/OS ACF2 Security Technical Implementation Guide

V-255895

CAT II (Medium)

IBM z/OS FTP.DATA configuration statements for the FTP Server must be specified in accordance with requirements.

Rule ID

SV-255895r991589_rule

STIG

IBM z/OS ACF2 Security Technical Implementation Guide

Version

V9R8

CCIs

CCI-000366

Discussion

This requirement is intended to cover both traditional interactive logons to information systems and general accesses to information systems that occur in other types of architectural configurations (e.g., service-oriented architectures).

Check Content

Refer to the Data configuration file specified on the SYSFTPD DD statement in the FTP started task JCL.

If the UMASK statement is coded with a value of "077", this is not a finding.

Fix Text

Configure the FTP configuration to include the UMASK statement with a value of "077". 

If the FTP Server requires a UMASK value less restrictive than "077", requirements should be justified and documented with the ISSO.