This course introduces the IBM Security zSecure Audit rule-based compliance evaluation framework.The course discusses rule-based compliance evaluation concepts and includes an overview and demonstration of the supported compliance functions and reports. With the standard built-in compliance evaluation interface, you report the compliance of your systems against one or more of the supported external standards: STIG, GSD, or PCI-DSS.The course teaches you how to customize the compliance evaluation for the supported standards to fit your company's requirements. Finally, you learn how to create a company-defined compliance standard.Hands-on exercises are included to enforce the skills that are taught in this course so that you can experiment with the rule-based compliance evaluation interface.
Before taking this class, you should have the following skills:Basic knowledge of and experience with z/OS and RACFFamiliarity with the IBM Security zSecure Audit ISPF panel interfaceKnowledge of and experience with the CARLa programming language
1 Day/Lecture & Lab
The target audience for this advanced level course is security administrators, auditors, and compliance officers
- Rule-based compliance introduction and concepts
- Running compliance evaluations and interpreting the results
- Customizing compliance standards, rules, or tests