V-224485
SV-224485r1144833_rule
CAT II
A documented procedure is not available instructing how to load and dump the FEP NCP (Network Control Program).
From: z/OS Front End Processor for RACF Security Technical Implementation Guide (V7R2)
Description
<VulnDiscussion>If components of the FEPs are not properly protected, they can be stolen, damaged, or disturbed. Without adequate physical security, unauthorized users can access the control panel, the operator console, and the diskette drive of the service subsystem. Therefore, they can interfere with the normal operations of the FEPs. Improper control of FEP components could compromise network operations.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Review site documentation to validate that procedures are in place to protect the FEP service subsystem and diskette drive:
- Documents and procedures regarding the NCP load and dump processes.
If a procedure is in place relative to the NCP load and dump processes, this is not a finding.
Fix Text
If documented procedures for loading and dumping the FEP NCP (Network Control Program) are not available. Create a procedure document for dumping and loading the FEP and make sure that they are available to the ISSO and to authorized personnel responsible to perform these functions.
CCI Reference
CCI-000366,CCI-000504- Created
- 2026-04-07 20:08:43
- Last Updated
- 2026-04-07 20:08:43