STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to STIGs

zOS WebSphere MQ for ACF2 Security Technical Implementation Guide

Version

V7R2

Release Date

Sep 27, 2025

SCAP Benchmark ID

zOS_WebsphereMQ_for_ACF2_STIG

Total Checks

17

Tags

other
CAT I: 2CAT II: 15CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSON

Checks (17)

V-224354HIGHWebSphere MQ channel security must be implemented in accordance with security requirements.V-224355MEDIUMWebSphere MQ channel security is not implemented in accordance with security requirements.V-224356MEDIUMProduction WebSphere MQ Remotes must utilize Certified Name Filters (CNF).V-224357MEDIUMUser timeout parameter values for WebSphere MQ queue managers are not specified in accordance with security requirements.V-224358MEDIUMWebSphere MQ started tasks are not defined in accordance with the proper security requirements.V-224359MEDIUMWebSphere MQ all update and alter access to MQSeries/WebSphere MQ product and system datasets are not properly restricted.V-224360MEDIUMWebSphere MQ resource classes must be properly activated.V-224361HIGHWebSphere MQ switch profiles must be properly defined to the appropriate class.V-224362MEDIUMWebSphere MQ connection class resources must be protected in accordance with security.V-224363MEDIUMWebSphere MQ dead letter and alias dead letter queues are not properly defined.V-224364MEDIUMWebSphere MQ queue resource defined to the MQQUEUE or MXQUEUE resource class must be protected in accordance with security requirements.V-224365MEDIUMWebSphere MQ Process resources must be protected in accordance with security requirements.V-224366MEDIUMWebSphere MQ Namelist resources must be protected in accordance with security requirements.V-224367MEDIUMWebSphere MQ alternate user resources defined to the appropriate resource class must be protected in accordance with security requirements.V-224368MEDIUMWebSphere MQ context resources defined to the appropriate resource class must be protected in accordance with security requirements.V-224369MEDIUMWebSphere MQ command resources defined to MQCMDS resource class are not protected in accordance with security requirements.V-224370MEDIUMWebSphere MQ RESLEVEL resources in the appropriate ADMIN resource class must be protected in accordance with security requirements.