Introduction to Mainframe Security v2.4

Duration

5 hours

Overview

This course provides the learner with a basic understanding of z/OS security. It introduces basic security concepts as they relate to z/OS, including the reasons for security, physical security and the Logon ID. It covers both traditional z/OS security issues such as data set protection and TSO/E, together with recent developments including LDAP and passphrases. Sections on security auditing, event recording, and a detailed explanation of the Authorized Program Facility (APF) are also covered.

Audience

Introductory modules are provided for any personnel requiring an introduction to mainframe security for z/OS, z/VM or z/VSE. Later modules are specifically for security administrators and z/OS system auditors

Prerequisites

Completion of the “IBM (z/OS) – Introduction to the IBM Enterprise Environment” Interskill course, or equivalent knowledge.

Objectives

After completing this course, the student will be able to:

• Describe the resources that need to be secured on the mainframe
• Explain the role of External Security Managers
• Describe the purpose of the Logon ID
• Identify the z/OS system products used for recording security-related data
• Describe z/OS security audit requirements
• Describe how the Authorized Program Facility is used to secure sensitive services

Course Content

z/OS Security Administration

Function of the Logon ID
Logon ID management
Securing data sets and z/OS UNIX files
Controlling access to TSO/E, IMS, CICS, and databases
Security software features
Security administration tools

z/OS Authorized Program Facility

Why APF is required
How a task becomes APF authorized
Achieving APF authorization
Securing APF authorization
Auditing APF