A little background... I am new to the compliance and auditing field and recently introduced to the AS/400 system and I am constantly seeing in best practice environments that the CLI be restricted from most users and or at least limited capabilities set to *YES.
To the point... The system administrator for the AS400 is adamant that the current menu structure security method is sufficient without restricting the CLI or changing the setting limited capabilities to *YES.
My question, is there a way to prove or disprove the menu control is sufficient to secure the system? Additionally, I have reservations that the sole administrator has all special authorities, is that unjustified or what is the recommended special authorities for the system administrator?
AS400, Infinium, Agilysys
February 23, 2013 12:13 AM
February 25, 2013 1:48 PM