The z/OS catalog system is organized as a tree structure with a VSAM master catalog at the top of the tree. Integrity of the catalog system must be maintained to prevent spoofing of z/OS. Because z/OS permits files with the exact same names to exist on the system as long as they are on separate volumes, using a private catalog in place of the system catalog allows the substitution of a bogus file for a legitimate one. This technique is called spoofing.
Use the z/OS Catalog Display (2.6) to access this information.
Auditor___________________________ Location___________________ Page____of____
Approved__________________________ CPU________________________ Date__________
| Step | Description | W/P Ref | Finding | Remarks |
|---|---|---|---|---|
| 1 | From the Catalog Display (2.6), prepare a work paper that documents the number, name, type, and location of each z/OS catalog. Determine if the data center has adequate documentation as to the purpose, use, and function of each catalog. | | | |
| 2 | Using the Volume File Scan display (6.3) or your access control software, verify that access to each catalog is controlled on a need‑to‑know basis. | | | |
| 3 | To prevent uncataloging of z/OS system libraries and disclosure of VSAM user catalog passwords, the z/OS master catalog must be password‑protected. | | | |
| 4 | Split your screen and select ISPF/PDF function 6, TSO Command Processor. Enter this command: LISTC ENT(catalog-name) CLUSTER ALL where catalog-name is the name of the master catalog, which you determined from the Master Catalog display. The system displays information about the master catalog. Look for the CLUSTER heading. PROTECTION-PSWD appears on a line below this heading. If (SUPP) appears on this line, the master catalog is VSAM‑password‑protected. If (NULL) appears on the line, the master catalog is not protected. | | | |
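
The check in step 4 can be repeated over LISTC output saved for the work papers. The following is an added example, not part of the original checklist or of any CA product: the function name `master_catalog_protection` is hypothetical, and the sample output and catalog name are constructed for illustration.

```python
import re

# Constructed sample of "LISTC ENT(catalog-name) CLUSTER ALL" output.
# The catalog name and field values are made up for this example.
SAMPLE_LISTC = """\
CLUSTER ------- CATALOG.MASTER.EXAMPLE
     IN-CAT --- CATALOG.MASTER.EXAMPLE
     HISTORY
       DATASET-OWNER-----(NULL)     CREATION--------2009.001
     PROTECTION-PSWD-----(NULL)     RACF----------------(NO)
     ASSOCIATIONS
       DATA-----CATALOG.MASTER.EXAMPLE.DATA
"""

# An entry heading is a type keyword, spaced dashes, then the entry name.
HEADING = re.compile(r"^\s*(CLUSTER|DATA|INDEX|USERCATALOG|NONVSAM|ALIAS)\s+-+\s+(\S+)")
PSWD = re.compile(r"PROTECTION-PSWD-*\((\w+)\)")
STATUS = {"SUPP": "protected", "NULL": "unprotected"}


def master_catalog_protection(listc_text):
    """Return (entry_name, status) for the first CLUSTER entry.

    status is 'protected' for (SUPP), 'unprotected' for (NULL), and
    'unknown' when the line is missing or carries another value.
    """
    # Output pasted through a word processor may carry non-breaking hyphens.
    text = listc_text.replace("\u2011", "-")
    name, in_cluster = None, False
    for line in text.splitlines():
        heading = HEADING.match(line)
        if heading:
            if in_cluster:
                break  # next entry reached: stop, do not read DATA/INDEX lines
            in_cluster = heading.group(1) == "CLUSTER"
            if in_cluster:
                name = heading.group(2)
            continue
        if in_cluster:
            found = PSWD.search(line)
            if found:
                return name, STATUS.get(found.group(1), "unknown")
    return name, "unknown"


if __name__ == "__main__":
    print(master_catalog_protection(SAMPLE_LISTC))
```

An 'unknown' result means the PROTECTION-PSWD line was not found under the CLUSTER heading, so the output should be reviewed by hand rather than recorded as a pass.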

Copyright © 2009 CA. All rights reserved.