AZScan Heat Map - OS400 v5r1

Low results
Med results
High results
Low risk
16
6
7
Med risk
8
8
3
High risk
4
3
0

The overall score is now 145

The table below shows each of the tests.

Each test has been assigned an Implication Score (Imp Score) and a Results Score (Res Score).

The implication score determines how serious a problem is when it occurs and cannot be changed. The results score shows how much this problem exists on your system, ranging from green, through amber to red.

 

Tests
Imp Score
Res Score
1 System settings
1.1 Security level
6
1
1.2 Auto configuration
2
5
1.3 Auto virtual
3
8
1.4 Default public authority
5
1
1.5 Allow user domain
2
1
1.6 Allow object restore
3
1
1.7 Attention program
4
1
2 Signon attempts allowed
2.1 Maximum sign-on attempts
5
4
2.2 Maximum sign-On attempt action
3
1
2.3 Remote sign-on
4
1
2.4 Limit security officer
2
8
2.5 Display sign-on information
6
1
2.6 Limit device sessions
2
7
2.7 Inactive Interval
5
6
2.8 Inactive Message Queue
2
1
3 System passwords
3.1 Password level
2
1
3.2 Password rules
7
1
3.3 Password expiration interval
7
1
3.4 Password limit adjacent digits
2
0
3.5 Password limit characters
2
3
3.6 Password limit repetition
2
2
3.7 Password minimum length
7
1
3.8 Password maximum length
2
1
3.9 Password position different
2
4
3.10 Password does not require digits
4
1
3.11 Password required to be different
8
3
3.12 Password validation program
2
1
4 Users
4.1 User Classes
7
4
4.2 Users with disabled profiles
2
3
4.3 Users current library
2
6
4.4 Users initial programs
2
5
4.5 Users initial menu
1
7
4.6 Users display sign-on information
4
7
4.7 Users limit capability
2
7
4.8 Users with limited device sessions
2
7
4.9 Users with special environments
2
1
5 Special Authorities
5.1 Users with all objects authority
8
5
5.2 Users with security administration authority
7
5
5.3 Users with job control authority
5
5
5.4 Users with spool control Authority
5
5
5.5 Users with save system authority
5
5
5.6 Users with service authority
5
5
5.7 Users with audit authority
3
5
5.8 Users with system configuration authority
2
5
6 User passwords
6.1 Users password expiry interval
6
6
6.2 Users with password set to expired
4
1
6.3 Users password last changed
5
6
6.4 IBM system profiles where password <> *NONE
3
9
6.5 Users who have not logged on
5
7
6.6 Users last logon date
5
7
7 Groups
7.1 Users in each group
1
1
8 Auditing
8.1 Audit control
3
1
8.2 Audit level
4
1
8.3 Audit end action
3
1
8.4 Audit frequency level
2
1
8.5 Create object audit
3
2