This course describes the audit concerns reported by IBM Security zSecure Audit. The course explains how to audit the content of your Resource Access Control Facility (RACF) database and z/OS system. You can measure your current security settings against the security requirements of a selected policy level. In addition, you learn about an Access Monitor data set that contains statistics about all RACF decisions taken. This information is helpful for finding profiles, permissions, or connections that are not used and can, therefore, be removed from the RACF database. Furthermore, you learn how to review the current general Service Management Framework (SMF) and RACF audit settings. This course explains how to use and interpret the pre-defined SMF audit reports, and how to create your own customized SMF reports. Finally, the concepts of the Library status and change analysis functions are explained and demonstrated.
Before taking this course, you should have a basic knowledge of, and experience with, the z/OS platform, RACF, and zSecure. You should also have the ability to log on to TSO and use ISPF panelsBasic RACF and IBM Security zSecure education is assumed and can be obtained in the following classes:Basics of z/OS RACF AdministrationEffective RACF AdministrationIBM Security zSecure Admin Basic Administration and Reporting
2 Days/Lecture & Lab
This intermediate-level training is targeted for RACF security administrators and auditors who are responsible for administering and generating reports, and auditing RACF and z/OS security. RACF and z/OS compliance officers also benefit from attending this training.
- Introduction to RACF Auditing
- Audit Users and Passwords
- Audit Resources
- Audit Subsystems
- Generate SMF Audit Reports
- Access Monitor and RACF Offline
- Library Analysis