IBM i (iSeries, AS/400) QAUDJRN Auditing and Forensic Analysis Workshop
September 12 - 13
Summary
This Live Hands-On Workshop provides the student with an understanding of the IBM i Security Audit Journal (QAUDJRN) along with a comprehensive view of the auditing facilities available on the system. Students will learn how to configure the system auditing facilities to audit the activity of Users, access to sensitive Objects and Security related events, like authority failures and invalid logon attempts.In addition to learning how to audit these various activities, students will learn how to properly extract meaningful information from the QAUDJRN Security Audit journal to perform forensic analysis of audited events.This workshop also provides the information needed to create and maintain the QAUDJRN Security Audit journal and associated journal receivers.
Duration
2 Days/Lecture & Lab
Audience
.
Topics
- Introduction to QAUDJRN and Auditing
- Maintaining QAUDJRN
- Major Configuration Options for Auditing
- Configuring Auditing of Security Events
- Configuring User Auditing
- Configuring Object Auditing
- Extracting Information from QAUDJRN
- Reporting Extraction Results
- Forensic Analysis Scenarios/Examples
Prerequisites
Students should have basic knowledge of IBM i (iSeries, AS/400) Security Concepts.
