TK242G IBM Security zSecure RACF and SMF Auditing

• List the RACF resources that need to be audited
• Generate and interpret an audit concerns report
• Identify all the profiles owned by a particular user
• Identify the users authorized to maintain RACF application segments

• Generate and interpret user reports
• Identify last logon and password aging
• Identify users with system-wide authorities
• Identify users with group specific authorities
• Generate a report of trusted users

• Identify sensitive profiles and the users who can modify them
• Identify users who can create profiles of various types
• Audit started tasks and programs

• Generate audit reports about CICS regions, transactions, and programs
• Generate audit reports about IMS regions, transactions, and program specification blocks
• Generate audit report about DB2 region

• Explain the concepts of SMF auditing
• Report which events are logged in SMF
• Select events logged in SMF using ISPF interface
• Report SMF events with predefined reports
• Create customized SMF reports

• Explain the Access Monitor functions and reports
• Generate access summary overview reports
• Compare historic access events against current RACF database definitions
• Analyze permit, connect, profile, member, and global access entry usage
• Remove unused profiles and authorizations
• Use the RACF Offline component combined with Access Monitor

• Track changes that occur in z/OS system sensitive libraries

Dotazione:
Each participant will have a station set up with operating systems and software needed for the exercises.