ACF2 for Auditors
This course is designed, written and presented by industry recognised specialist security consultants. It provides an overview of the ACF2 system in a z/OS environment and the auditing facilities available. The course describes the audit functionality provided by native z/OS and ACF2. This course is designed to give Auditors an understanding of the audit objectives of a z/OS system and explain how to set up audit controls. It also explains how to interpret the various audit and logging reports that can be produced by ACF2.
This course is only available for exclusive one-company presentations.
What you will learn
On successful completion of this course you will be able to:
- recognise all of the major ACF2 components
- explain auditing objectives
- set audit controls for users, datasets and resources
- interpret audit and logging reports.
Who Should Attend
The course is suitable for all those wishing to gain a clear understanding of ACF2 auditing techniques.
Prerequisites
None.
Duration
2 days
Fee (per attendee)
P.O.A.
This includes free online 24/7 access to course notes.
Hard copy course notes are available on request from rsmshop@rsm.co.uk
at £50.00 plus carriage per set.
Course Code
ACAF
Contents
ACF2 overview
The need for security; general threats; tightening security; security policy; naming standards; security administration; auditing.
ACF2 architecture
Introduction; databases, Logonids, resource rules, UID strings: z/OS implementation; system interfaces; messages.
ACF2 auditing functions
Auditing objectives, identifying security exposures, the ACF2 AUDIT Logonid privilege field, ACF2 access control.
ACF2 auditing controls
System, dataset and resource access logging; TAPE BLP logging; TAPE LBL logging; logged and restricted programs.
ACF2 auditing reports
Running ACF2 logging and violation reports; reviewing ACF2 logging and violation reports; using ACF2 ISPF panels to run logging and violation reports
Question & Answer Session