IBM z/OS Policy agent must contain a policy that manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of Denial of Service (DoS) attacks.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-223572	ACF2-OS-000370	SV-223572r958528_rule		Medium

Description

DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.

STIG	Date
IBM z/OS ACF2 Security Technical Implementation Guide	2025-06-24

Details

Check Text (C-25245r500851_chk)

Examine the Policy Agent policy statements. If it can be determined that there are policy statements that manages excess capacity, this is not a finding.

Fix Text (F-25233r500852_fix)

Develop Policy application and Policy agent to manage excess capacity.