Code
TK222RO
Duration
1 day
Tags
Online Offline

DescriptionWhat we offer

This course describes the security-related aspects of a z/OS UNIX System Services (USS) environment. Learn USS concepts, followed by an overview of the USS-related functions and applications of the IBM Security zSecure Admin and Audit products. Using the zSecure built-in reports and standard interface, you learn how to obtain USS-related information from RACF profiles and review the contents of the USS reports. Audit recommendations and the RACF concerns that are applicable to a z/OS USS environment are described. In addition, you learn about the USS-related resource profiles in the FACILITY and UNIXPRIV classes.

ObjectivesWhat you learn

  • Explain the authorization checking process to access a UNIX file or directory
  • Create the appropriate RACF definitions to define a z/OS UNIX System Services user ID
  • Describe the audit options for z/OS UNIX System Services
  • Set up permissions to control access to a file or directory
  • List and maintain extended access control list (ACL) entries
  • List and maintain the audit settings for a file or directory

TopicsThe best for you

Chapter 1: z/OS UNIX System Services (USS) security concepts

  • Explain z/OS USS identification and authentication
  • Use the hierarchical file system (HFS) and z/OS file system (zFS)
  • Secure USS daemons and servers

Chapter 2: Protect files and directories

  • List the fields in the file security packet (FSP)
  • Interpret and modify file access rights and extended attributes
  • Secure USS files with extended access control lists (ACLs)

Chapter 3: Reporting and auditing in a USS environment

  • Generate extended program attributes reports
  • Explain HFS and zFS auditing concepts
  • Use the USS-related RACF profiles
  • Avoid common HFS and zFS auditing RACF pitfalls
  • Generate reports about trust reasons in USS
  • Audit daemons and servers
  • Generate reports about USS-related SMF records

PrerequisitesWhat should you know

You should have the following skills:

  • Basic knowledge of and experience with RACF
  • Familiarity with the IBM Security zSecure Admin or Audit ISPF panel interface

AudienceWho should attend

This intermediate-level course is intended for users that are involved in maintaining USS-related security definitions or auditing the z/OS USS environment. For example, security administrators, compliance officers, system programmers, and auditors.