IBM Security zSecure RACF and SMF Auditing
Course
In London
Description
-
Type
Course
-
Location
London
-
Start date
Different dates available
IBM Security zSecure RACF and SMF Auditing Training CourseThis course describes the audit concerns reported by IBM® Security zSecure™ Audit. The course explains how to audit the content of your Resource Access Control Facility (RACF®) database and z/OS® system. You can measure your current security settings against the security requirements of a selected policy level. In addition, you learn about an Access Monitor data set that contains statistics about all RACF decisions taken. This information is helpful for finding profiles, permissions, or connections that are not used and can, therefore, be removed from the RACF database. Furthermore, you learn how to review the current general Service Management Framework (SMF) and RACF audit settings. This course explains how to use and interpret the pre-defined SMF audit reports, and how to create your own customized SMF reports. Finally, the concepts of the Library status and change analysis functions are explained and demonstrated.
Facilities
Location
Start date
Start date
Reviews
Subjects
- Audit
- Access
- IT Security
- Security
- Auditing
- IT Auditing
- Database
- Database training
Course programme
Unit 1: Introduction to RACF auditing
- List the RACF resources that need to be audited
- Generate and interpret an audit concerns report
- Identify all the profiles owned by a particular user
- Identify the users authorized to maintain RACF application segments
Unit 2: Audit users and passwords
- Generate and interpret user reports
- Identify last logon and password aging
- Identify users with system-wide authorities
- Identify users with group specific authorities
- Generate a report of trusted users
Unit 3: Audit resources
- Identify sensitive profiles and the users who can modify them
- Identify users who can create profiles of various types
- Audit started tasks and programs
Unit 4: Audit subsystems
- Generate audit reports about CICS regions, transactions, and programs
- Generate audit reports about IMS regions, transactions, and program specification blocks
- Generate audit report about DB2 region
Unit 5: Generate SMF audit reports
- Explain the concepts of SMF auditing
- Report which events are logged in SMF
- Select events logged in SMF using ISPF interface
- Report SMF events with predefined reports
- Create customized SMF reports
Unit 6: Access Monitor and RACF Offline
- Explain the Access Monitor functions and reports
- Generate access summary overview reports
- Compare historic access events against current RACF database definitions
- Analyze permit, connect, profile, member, and global access entry usage
- Remove unused profiles and authorizations
- Use the RACF Offline component combined with Access Monitor
Unit 7: Library Analysis
- Track changes that occur in z/OS system sensitive libraries
Additional information
Expenses
IBM Security zSecure RACF and SMF Auditing