Duration
3 hours
Overview
Description
This course introduces the core capabilities of zSecure Audit for monitoring, verifying, and enforcing RACF security and compliance. It begins with an exploration of source data used by zSecure Audit, and progresses to showing how to use ID reports to view detailed RACF user and group attributes, generate cross-complex MFA reports, and analyze changes to libraries. It also covers configuring compliance requirements, running compliance checks, reviewing compliance history, and testing individual rules. In addition, the course guides learners through a range of status and verification reports – including MVS tables, RACF control, user, and resource reports – using selection criteria filters to focus on key security indicators and verify system integrity.
Audience
The primary audience for this course is mainframe security auditors, RACF administrators, and compliance officers responsible for assessing and verifying z/OS security configurations. It will also be valuable for IT personnel whose tasks include generating security reports, monitoring compliance, and validating RACF-related activity.
Prerequisites
Students should have a basic knowledge of RACF concepts, and familiarity with z/OS system structure and terminology. They should also have some experience with ISPF and TSO, and although not mandatory, have had some exposure to zSecure Admin. An awareness of enterprise security or compliance goals will also be beneficial.
Objectives
After completing this course, the student should be able to:
- Identify and interpret key audit reports relating to RACF user IDs, groups
- Use compliance reporting features to compare current system configurations with defined security standards or baselines
- Identify audit reports that can be used to evaluate your system’s current security configuration
- Run verification reports to check for inconsistencies, missing protections, and outdated or incorrect RACF definitions
Course Content
IDs, Libraries, and Compliance
RACF Audit Source Data
zSecure Audit Menu Options
Using ID Reports to Display RACF User and Group Details
Displaying Detailed User Profile Attributes
Cross-complex MFA Report
Analyzing Changes to Libraries
Configuring Compliance Requirements
Performing a Compliance Check
Displaying a History of Compliance Evaluations
Testing Individual Compliance Rules
Status and Verification Reports
Status Report Categories
MVS Tables Reports
MVS Extended Reports
RACF Control Reports
RACF User Reports
RACF Resource Reports
Selection Criteria Filters
Key Verification Reports and Options