Difference between revisions of "Curso RACF (Vulnerabilidades básicas conocidas)"
Jump to navigation
Jump to search
Rafahsolis (talk | contribs) |
Rafahsolis (talk | contribs) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 2: | Line 2: | ||
#.- Excessive PROTECALL(Warning) or NOPROTECALL mode (Moderate) | #.- Excessive PROTECALL(Warning) or NOPROTECALL mode (Moderate) | ||
#.- Excessive use of extraordinary RACF attributes (High) | #.- Excessive use of extraordinary RACF attributes (High) | ||
| − | #.- | + | #.- Inadequate protection for Authorized Program Facility (APF) libraries (Critical) |
| + | #.- Excessive numbers of Dataset Profiles in Warning mode (Critical) | ||
| + | #.- User entries in te Program Properties Table (PPT) with the Bypass Password Protection (NOPASS) attribute (Critical) | ||
| + | #.- Sensitive and Critical Dataset Profiles with Universal Access (UACC) greather than READ (Critical) | ||
| + | #.- Started Task with inapropiate Privileges or Trusted attribute and not defined as PROTECTED ids (Critical) | ||
| + | #.- Inadequate Security Event Reporting (Critical) | ||
| + | #.- Excessive Access to the SMF Datasets (Moderate) | ||
| + | #.- Production Job Userid(s) with inapropiate access to all datasets in the z/OS Enviroment (Critical) | ||
| + | #.- Excessive numbers of inactive Userids (Moderate) | ||
| + | #.- RACF database not properly protected (Critical) | ||
| + | #.- Inapropiate usage of z/OS Unix Superuser privilege UID 0 (Critical) | ||
| + | #.- Excessive number of user ids with no password interval (Moderate) | ||
| + | #.- Improper use or lack of UNIXPRIV profiles and access to FACILITY BPX DAEMON profile (Critical) | ||
Latest revision as of 18:41, 8 April 2016
http://vidroop.es/alumno/leccion.php?id_leccion=3534&tipo_jerarquia=3
- .- Excessive PROTECALL(Warning) or NOPROTECALL mode (Moderate)
- .- Excessive use of extraordinary RACF attributes (High)
- .- Inadequate protection for Authorized Program Facility (APF) libraries (Critical)
- .- Excessive numbers of Dataset Profiles in Warning mode (Critical)
- .- User entries in te Program Properties Table (PPT) with the Bypass Password Protection (NOPASS) attribute (Critical)
- .- Sensitive and Critical Dataset Profiles with Universal Access (UACC) greather than READ (Critical)
- .- Started Task with inapropiate Privileges or Trusted attribute and not defined as PROTECTED ids (Critical)
- .- Inadequate Security Event Reporting (Critical)
- .- Excessive Access to the SMF Datasets (Moderate)
- .- Production Job Userid(s) with inapropiate access to all datasets in the z/OS Enviroment (Critical)
- .- Excessive numbers of inactive Userids (Moderate)
- .- RACF database not properly protected (Critical)
- .- Inapropiate usage of z/OS Unix Superuser privilege UID 0 (Critical)
- .- Excessive number of user ids with no password interval (Moderate)
- .- Improper use or lack of UNIXPRIV profiles and access to FACILITY BPX DAEMON profile (Critical)