ACF2 APPLDEF GSO record if used must have supporting documentation indicating the reason it was used.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-223488 | ACF2-ES-000700 | SV-223488r991589_rule | Low |
| Description |
| Failure to restrict network connectivity only to authorized systems permits inbound connections from malicious systems. It also permits outbound connections that may facilitate exfiltration of DoD data. |
| STIG | Date |
| IBM z/OS ACF2 Security Technical Implementation Guide | 2025-06-24 |
Details
| Check Text (C-25161r504570_chk) |
| From the ACF Command screen enter: SET CONTROL(GSO) LIST LIKE(APPLDEF-) If the GSO APPLDEF record does not exist, this is not a finding. If the GSO APPLDEF record does exist and no supporting documentation is available, this is a finding. |
| Fix Text (F-25149r504571_fix) |
| For any APPLDEF GSO record used, it must have supporting documentation indicating the reason it was used. The APPLDEF record is optional. |