RACF Course (Known Basic Vulnerabilities)

From RHS Wiki
Revision as of 18:41, 8 April 2016 by Rafahsolis

http://vidroop.es/alumno/leccion.php?id_leccion=3534&tipo_jerarquia=3

  1. Excessive PROTECTALL(Warning) or NOPROTECTALL mode (Moderate)
  2. Excessive use of extraordinary RACF attributes (High)
  3. Inadequate protection for Authorized Program Facility (APF) libraries (Critical)
  4. Excessive numbers of Dataset Profiles in Warning mode (Critical)
  5. User entries in the Program Properties Table (PPT) with the Bypass Password Protection (NOPASS) attribute (Critical)
  6. Sensitive and Critical Dataset Profiles with Universal Access (UACC) greater than READ (Critical)
  7. Started Task with inappropriate Privileges or Trusted attribute and not defined as PROTECTED ids (Critical)
  8. Inadequate Security Event Reporting (Critical)
  9. Excessive Access to the SMF Datasets (Moderate)
  10. Production Job Userid(s) with inappropriate access to all datasets in the z/OS Environment (Critical)
  11. Excessive numbers of inactive Userids (Moderate)
  12. RACF database not properly protected (Critical)
  13. Inappropriate usage of z/OS Unix Superuser privilege UID 0 (Critical)
  14. Excessive number of user ids with no password interval (Moderate)
  15. Improper use or lack of UNIXPRIV profiles and access to FACILITY BPX.DAEMON profile (Critical)