STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 5 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← Back to STIGs

zOS WebSphere MQ for TSS Security Technical Implementation Guide

Version

V7R2

Release Date

Sep 28, 2025

SCAP Benchmark ID

zOS_WebsphereMQ_for_TSS_STIG

Total Checks

17

Tags

other

CAT I: 2CAT II: 15CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKL Export CSV Export JSON Download STIG ZIP

Checks (17)

V-225623HIGHWebSphere MQ channel security must be implemented in accordance with security requirements.V-225624MEDIUMWebSphere MQ channel security is not implemented in accordance with security requirements.V-225625MEDIUMProduction WebSphere MQ Remotes must utilize Certified Name Filters (CNF).V-225626MEDIUMUser timeout parameter values for WebSphere MQ queue managers are not specified in accordance with security requirements.V-225627MEDIUMWebSphere MQ started tasks are not defined in accordance with the proper security requirements.V-225628MEDIUMWebSphere MQ all update and alter access to MQSeries/WebSphere MQ product and system data sets are not properly restricted.V-225629MEDIUMWebSphere MQ security class(es) must not be defined improperly.V-225630HIGHWebSphere MQ switch profiles must be properly defined to the appropriate ADMIN class.V-225631MEDIUMWebSphere MQ connection class resources must be protected properly.V-225632MEDIUMWebSphere MQ dead letter and alias dead letter queues are not properly defined.V-225633MEDIUMWebSphere MQ queue resource defined to the appropriate resource class must be protected in accordance with security requirements.V-225634MEDIUMWebSphere MQ Process resources must be protected in accordance with security requirements.V-225635MEDIUMWebSphere MQ Namelist resources must be protected in accordance with security requirements.V-225636MEDIUMWebSphere MQ alternate user resources defined to appropriate ADMIN resource class must be protected in accordance with security requirements.V-225637MEDIUMWebSphere MQ context resources defined to the appropriate ADMIN resource class must be protected in accordance with security requirements.V-225638MEDIUMWebSphere MQ command resources defined to MQCMDS resource class are not protected in accordance with security requirements.V-225639MEDIUMWebSphere MQ RESLEVEL resources in the appropriate ADMIN resource class must be protected in accordance with security requirements.