IBM zSecure RACF and SMF Auditing

Unit 1: Introduction to RACF auditingUnit 2: Auditing user IDs and passwordsUnit 3: Auditing sensitive resourcesUnit 4: Auditing subsystemsUnit 5: Auditing SMFUnit 6: Using Access Monitor and RACF-OfflineUnit 7: Analyzing libraries and sequential data sets

This training is targeted for RACF security administrators and auditors who are responsible for administering RACF, generating audit reports, and auditing RACF and z/OS security. RACF and z/OS compliance officers also benefit from attending this training.

Before taking this course, make sure that you have the following skills:

• Basic knowledge of, and experience with, the z/OS platform, RACF, and zSecure
• The ability to log on to TSO and use ISPF panels

If applicable, you can achieve these skills by attending one or more of the following courses:

• IBM Security zSecure Admin Basic Administration and Reporting TK263
• Basics of z/OS RACF Administration ES19G
• Effective RACF Administration BE87G

• Describe and explain the flow of a security call from z/OS and resource Managers to RACF
• Perform user ID and password audit analysis
• Audit sensitive user IDs and z/OS resources and create audit reports about who can define RACF profiles
• Create audit reports for the CICS, IMS, and DB2 subsystems
• Review the system-wide Audit settings, select and process predefined SMF reports, and define custom SMF reports
• Utilize the Access Monitor reports to clean up the RACF database
• Audit changes to system-sensitive libraries and sequential data sets