Back to Courses

Introduction to Mainframe Security v2.4


5 hours


This course provides the learner with a basic understanding of z/OS security. It introduces basic security concepts as they relate to z/OS, including the reasons for security, physical security and the Logon ID. It covers both traditional z/OS security issues such as data set protection and TSO/E, together with recent developments including LDAP and passphrases. Sections on security auditing, event recording, and a detailed explanation of the Authorized Program Facility (APF) are also covered.


Introductory modules are provided for any personnel requiring an introduction to mainframe security for z/OS, z/VM or z/VSE. Later modules are specifically for security administrators and z/OS system auditors


Completion of the “IBM (z/OS) – Introduction to the IBM Enterprise Environment” Interskill course, or equivalent knowledge.


After completing this course, the student will be able to:

  • Describe the resources that need to be secured on the mainframe
  • Explain the role of External Security Managers
  • Describe the purpose of the Logon ID
  • Identify the z/OS system products used for recording security-related data
  • Describe z/OS security audit requirements
  • Describe how the Authorized Program Facility is used to secure sensitive services

Course Content

Mainframe Security Basics

How secure are mainframes?
Mainframe resources to secure
Security requirements for consoles, files and data sets
Network access and encryption
Roles of External Security Managers for z/OS, z/VM, z/VSE and Linux on System z

z/OS Security Administration

Function of the Logon ID
Logon ID management
Securing data sets and z/OS UNIX files
Controlling access to TSO/E, IMS, CICS, and databases
Security software features
Security administration tools

z/OS Security Auditing and Recording

How the Operlog, Syslog, syslogd and IMS logs are used
Purpose of the z/OS Systems Monitoring Facility (SMF)
SMF record types
z/OS security auditing requirements
Internal and external audits
z/OS auditing tools

z/OS Authorized Program Facility

Why APF is required
How a task becomes APF authorized
Achieving APF authorization
Securing APF authorization
Auditing APF

Security – Introduction to Mainframe Security 2.4 Mastery Test