Course Description (By Curriculum)
2 to 3 hours
Application programmers, systems programmers, database administrators, security administrators, and other personnel requiring knowledge about the use of the Security Server (RACF) on the OS/390 platform
Knowledge of data sets, basic security issues, and the use of TSO and ISPF
After completing this course, the student will be able to:
• Define the objectives and functions of auditing
• Identify how to set audit controls for users and groups, and access to data sets and general resources
• Identify how to set general audit controls
• Identify how to list general audit controls
• Identify how to control logging and gathering of statistics
• Recognize various utilities to analyze collected auditing data
Objective - Identify Security Exposures
AUDITOR User/ Group Attribute
Access Control
Logging
RACF Utilities Overview
- SMF Data Unload (IRRADU00)
- Cross-Reference (IRRUT100)
- Database Unload (IRRDBU00)
DSMON program
General Auditing Options (SETROPTS) Command
Auditing Users (ALTUSER Command With UAUDIT Operand)
Auditing Data Set Access (ALTDSD Command with GLOBALAUDIT Operand)
Auditing General Resources (RALTER Command with GLOBALAUDIT Operand)
Listing Audit Controls (LISTDSD, LISTUSER, LISTGRP, RLIST Commands)
The TSO SETROPTS Command
Use Of SETROPTS Command
- Current Options In Effect
- RACF Statistics
- Logging
- Auditing
Auditing Options
Activating/ Deactivating Auditing Functions
Auditing of Access Attempts
Auditing of APPC Transactions
Auditing of OS/390 UNIX System Services
Analyzing Audit Data
SMF Data Unload Utility (IRRADU00)
DSMON Program
Cross-Reference Utility (IRRUT100)
Database Unload Utility (IRRDBU00)
