STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 5 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← Back to STIGs

zOS WebSphere MQ for RACF Security Technical Implementation Guide

Version

V7R3

Release Date

Sep 27, 2025

SCAP Benchmark ID

zOS_WebsphereMQ_for_RACF_STIG

Total Checks

17

Tags

other

CAT I: 2CAT II: 15CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKL Export CSV Export JSON Download STIG ZIP

Checks (17)

V-224551HIGHWebSphere MQ channel security must be implemented in accordance with security requirements.V-224552MEDIUMWebSphere MQ channel security is not implemented in accordance with security requirements.V-224553MEDIUMProduction WebSphere MQ Remotes must utilize Certified Name Filters (CNF).V-224554MEDIUMUser timeout parameter values for WebSphere MQ queue managers are not specified in accordance with security requirements.V-224555MEDIUMWebSphere MQ started tasks are not defined in accordance with the proper security requirements.V-224556MEDIUMWebSphere MQ all update and alter access to MQSeries/WebSphere MQ product and system data sets are not properly restricted.V-224557MEDIUMWebSphere MQ resource classes must be properly activated for security checking by the ESM.V-224558HIGHWebSphere MQ switch profiles must be properly defined to the appropriate ADMIN class.V-224559MEDIUMWebSphere MQ connection class resource definitions must be protected in accordance with security.V-224560MEDIUMWebSphere MQ dead letter and alias dead letter queues are not properly defined.V-224561MEDIUMWebSphere MQ MQQUEUE (Queue) resource profiles defined to the appropriate class must be protected in accordance with security requirements.V-224562MEDIUMWebSphere MQ Process resource profiles defined in the appropriate Class must be protected in accordance with security requirements.V-224563MEDIUMWebSphere MQ Namelist resource profiles defined in the appropriate class must be protected in accordance with security requirements.V-224564MEDIUMWebSphere MQ Alternate User resources defined to appropriate ADMIN resource class must be protected in accordance with security requirements.V-224565MEDIUMWebSphere MQ context resources defined to the appropriate ADMIN resource class must be protected in accordance with security requirements.V-224566MEDIUMWebSphere MQ command resources defined to MQCMDS resource class are not protected in accordance with security requirements.V-224567MEDIUMWebSphere MQ RESLEVEL resources in the appropriate ADMIN resource class must be protected in accordance with security requirements.