A little background... I am new to the compliance and auditing field and recently introduced to the AS/400 system and I am constantly seeing in best practice environments that the CLI be restricted from most users and or at least limited capabilities set to *YES.
To the point... The system administrator for the AS400 is adamant that the current menu structure security method is sufficient without restricting the CLI or changing the setting limited capabilities to *YES.
My question, is there a way to prove or disprove the menu control is sufficient to secure the system? Additionally, I have reservations that the sole administrator has all special authorities, is that unjustified or what is the recommended special authorities for the system administrator?
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!