CA-ACF/2 for Auditors


This course is designed, written and presented by industry recognised specialist security consultants. It provides an overview of the ACF/2 system in a z/OS environment and the auditing facilities available. The course describes the audit functionality provided by native z/OS and ACF/2. This course is designed to give Auditors an understanding of the audit objectives of a z/OS system and explain how to set up audit controls. It also explains how to interpret the various audit and logging reports that can be produced by ACF/2.

This course is only available for one-company, on-site presentations.

Objectives

On successful completion of this course you will be able to:

  • recognise all of the major ACF/2 components
  • explain auditing objectives
  • set audit controls for users, datasets and resources
  • interpret audit and logging reports.

Who Should Attend

The course is suitable for anyone wishing to gain a clear understanding of ACF/2 auditing techniques.

Prerequisites

None.

Duration

2 days

Fee (per attendee)

P.O.A.

Course Code

ACAF

Contents

ACF/2 overview

The need for security; general threats; tightening security; security policy; naming standards; security administration; auditing.

CA-ACF/2 architecture

Introduction; databases, Logonids, resource rules, UID strings: z/OS implementation; system interfaces; messages.

ACF/2 auditing functions

Auditing objectives, identifying security exposures, the ACF/2 AUDIT Logonid privilege field, ACF/2 access control.

ACF/2 auditing controls

System, dataset and resource access logging; TAPE BLP logging; TAPE LBL logging; logged and restricted programs.

ACF/2 auditing reports

Running ACF2 logging and violation reports; reviewing ACF2 logging and violation reports; using ACF2 ISPF panels to run logging and violation reports

Question & Answer Session


© RSM Technology 2017