IBM Security zSecure RACF and SMF Auditing (TK242G)
Who should attend
This intermediate-level training is targeted for RACF security administrators and auditors who are responsible for administering and generating reports, and auditing RACF and z/OS security. RACF and z/OS compliance officers also benefit from attending this training.
You should have the following skills:
- A basic knowledge of, and experience with, the z/OS platform, RACF, and zSecure
- The ability to log on to TSO and use ISPF panels
Basic RACF and IBM Security zSecure education is assumed and can be obtained in the following classes:
- Basics of z/OS RACF Administration (ES191) (EZ191)
- Effective RACF Administration (BE870)
- IBM Security zSecure Admin Basic Administration and Reporting (TK262)
This course describes the audit concerns reported by IBM® Security zSecure™ Audit. The course explains how to audit the content of your Resource Access Control Facility (RACF®) database and z/OS® system. You can measure your current security settings against the security requirements of a selected policy level. In addition, you learn about an Access Monitor data set that contains statistics about all RACF decisions taken. This information is helpful for finding profiles, permissions, or connections that are not used and can, therefore, be removed from the RACF database. Furthermore, you learn how to review the current general Service Management Framework (SMF) and RACF audit settings. This course explains how to use and interpret the pre-defined SMF audit reports, and how to create your own customized SMF reports. Finally, the concepts of the Library status and change analysis functions are explained and demonstrated.