DISA STIGS Viewer

Transparent Data Migration Facility (TDMF) configuration/parameter/option values are not specified properly.

Overview

Finding ID Version Rule ID IA Controls Severity
V-224541 ZTDM0040 SV-224541r1041353_rule   Medium
Description
Transparent Data Migration Facility (TDMF) configuration/parameter/option settings control the security and operational characteristics of product. If these setting values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of system and customer data.
STIG Date
z/OS TDMF for RACF Security Technical Implementation Guide 2024-12-16

Details

Check Text (C-26224r1041351_chk)
a) Have the products systems programmer display the configuration/parameters control statements used in the current running product to define or enable security.

b) Verify the following specifications:

Parameter Options:
VOLUME SECURITY = YES
CHECK TARGET EMPTY = YES

Session Options:
Volume Security is not available.
CHECKTarget|CHKTarget

c) If (b) above is true, there is no finding.

d) If (b) above is untrue, this is a finding
Fix Text (F-26212r1041352_fix)
The product systems programmer will verify that any configuration / parameters that are required to control the security of the product are properly configured and syntactically correct.

See the required parameters below:

Parameter Options:
VOLUME SECURITY = YES
CHECK TARGET EMPTY = YES

Session Options:
Volume Security is not available.
CHECKTarget|CHKTarget

NOTE: The ISSO will ensure that volume resource protection is defined to the ACP and access to volumes be given to the appropriate personnel.