2,306
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − 1.- Excessive PROTECALL(Warning) or NOPROTECALL mode (Moderate)+ − 1.- Excessive use of extraordinary RACF attributes (High)+ − 1.-+ + + + + + + + + + + + +
Curso RACF (Vulnerabilidades básicas conocidas) (edit)
Revision as of 18:41, 8 April 2016
, 18:41, 8 April 2016no edit summary
http://vidroop.es/alumno/leccion.php?id_leccion=3534&tipo_jerarquia=3
http://vidroop.es/alumno/leccion.php?id_leccion=3534&tipo_jerarquia=3
#.- Excessive PROTECALL(Warning) or NOPROTECALL mode (Moderate)
#.- Excessive use of extraordinary RACF attributes (High)
#.- Inadequate protection for Authorized Program Facility (APF) libraries (Critical)
#.- Excessive numbers of Dataset Profiles in Warning mode (Critical)
#.- User entries in te Program Properties Table (PPT) with the Bypass Password Protection (NOPASS) attribute (Critical)
#.- Sensitive and Critical Dataset Profiles with Universal Access (UACC) greather than READ (Critical)
#.- Started Task with inapropiate Privileges or Trusted attribute and not defined as PROTECTED ids (Critical)
#.- Inadequate Security Event Reporting (Critical)
#.- Excessive Access to the SMF Datasets (Moderate)
#.- Production Job Userid(s) with inapropiate access to all datasets in the z/OS Enviroment (Critical)
#.- Excessive numbers of inactive Userids (Moderate)
#.- RACF database not properly protected (Critical)
#.- Inapropiate usage of z/OS Unix Superuser privilege UID 0 (Critical)
#.- Excessive number of user ids with no password interval (Moderate)
#.- Improper use or lack of UNIXPRIV profiles and access to FACILITY BPX DAEMON profile (Critical)