The target audience for this advanced-level course is security administrators, auditors, and compliance officers.
IBM Security zSecure Audit Rule-based Compliance Evaluation and Customization
This course introduces the zSecure Audit rule-based compliance evaluation framework. The course explains rule-based compliance evaluation concepts and includes an overview and demonstration of the supported compliance evaluation functions and reports. With the standard built-in compliance evaluation interface, you report the compliance of your systems against one or more of the supported external standards: STIG, STIGplus, GSD, or PCI-DSS. The course also teaches you how to customize compliance evaluations for the supported standards to fit your company's requirements. Finally, you learn how to create a company-defined compliance standard. Hands-on exercises are included to enforce the skills that are taught in this course so that you can experiment with the rule-based compliance evaluation interface.
cena szkolenia netto
Unit 1: Rule-based compliance introduction and concepts
Unit 2: Running compliance evaluations and interpret results
Unit 3: Customizing compliance standards, rules, or tests
Wymagane przygotowanie uczestników
- Basic knowledge of and experience with z/OS and RACF
- Familiarity with the IBM Security zSecure Audit ISPF panel interface
- Knowledge of and experience with the CARLa programming language
- Explain the concept of rule-based compliance evaluation with zSecure Audit
- Run compliance evaluations against the supported standards GSD331, STIG, and PCI-DSS
- Use the compliance evaluation results to apply the applicable changes to comply with the applicable (external) standard
- Customize compliance evaluations to fit with company security and audit policies
- Build customized system-defined compliance standards, rule sets, rules, and tests