Mainframe: zSecure Courses (2):
The following CARLa program shows the password interval for all existing user IDs.
With regards to the password interval, two settings exist that are of particular interest to most auditors:
- User IDs that are assigned the PROTECTED attribute do not have a password interval
- Some user IDs might be assigned a password value that never expires. In that case, users can use the same password value infinitely. For these user IDs, by default, the password interval is reported as 255. The value 255 means that a user must never change their password value.
This video provides details and a demonstration of the z/OS® Encryption Readiness Technology (zERT), a capability provided by the z/OS V2R3 Communications Server.
Using zERT, you have a single source of information to determine which traffic is cryptographically protected by TLS/SSL, IPSec and SSH, and which is not. This information is valuable for determining regulatory compliance and for identifying connections that might need stronger cryptographic protection.
Duration: 14 minutes