Vendors

System z continues to extend the value of the mainframe by leveraging robust security solutions to help meet the needs of today's on demand, service-oriented infrastructures. System z servers have implemented leading-edge technologies, such as high-performance cryptography, multi-level security, large-scale digital certificate authority and life cycle management, improved Secure Sockets Layer (SSL) performance, advanced Resource Access Control Facility (RACF) function, and z/OS Intrusion Detection Services. This advanced z/OS security course presents the evolution of the current z/OS security architecture and explores in detail the various technologies involved in z/OS Cryptographic Services, z/OS Resource Access Control Facility (RACF), and z/OS Integrated Security Services.

In the hands-on exercises, you begin with your own z/OS HTTP Server in a TCP/IP environment. Throughout the exercises, you make changes to the configuration to implement authentication by using RACF, SSL and the use of digital certificates. Use is made of facilities such as RACDCERT to manage digital certificates, PKI Services and RACF auto registration. You will also implement different scenarios to implement ssl security for a typical tcpip application; FTP: SSL, TLS, server authentication, client certificates and AT-TLS. These exercises reinforce the concepts and technologies being covered in the lectures.
img-course-overview.jpg

What You'll Learn

After completing this course, you should be able to:

  • Describe the components of network security, platform security and transaction security on z/OS
  • Describe how RACF supports UNIX users and groups
  • Describe Web server security flow on z/OS
  • Explain the contents and use of a digital certificate
  • Explain the difference between asymmetric and symmetric cryptographic techniques
  • Explain SSL V3 client authentication
  • Explain the basics of WebSphere Application Server and Web services security
  • Utilize the RACDCERT command
  • Discuss the OCSF service providers
  • Explain VPN (IPSec), SSL/TSL, and AT-TLS and the differences between them
  • Discuss the z/OS Communication Server policy agent, IDS, and IP filtering
  • Describe and utilize System SSL
  • Explain how TN3270 and FTP SSL support works
  • Explain how IBM secure hardware cryptographic coprocessors work
  • Explain how Kerberos authentication works
  • Explain the LDAP terms of DN, objectclass, attribute, schema, back end, and directory
  • Explain how to setup, customize, and operate z/OS PKI Services

Who Should Attend

This class is intended for z/OS system programmers and security specialists in charge of designing and implementing z/OS security for Web-enabled applications.

img-who-should-learn.png

Prerequisites

  • General z/OS knowledge including basic Unix System Services skills
  • Experience configuring any of the web servers on z/OS
  • Basic knowledge of TCP/IP and RACF

Learning Journey

Coming Soon...

Day 1

  • Unit 1: Overview of z/OS security for on-demand business
  • Unit 2: z/OS platform security: Part 1
  • Unit 3: z/OS platform security: Part 2
  • Unit 4: Introduction to digital certificates and PKI

Day 2

  • Unit 5: The SSL protocol
  • Unit 6: HTTP and Apache server, SSL client authentication and WebSphere Application Server security
  • Unit 7: RACF and digital certificates
  • Unit 8: Open Cryptographic Services Facility
  • Exercise 1: Controlling access using the httpd.config file
  • Exercise 2: SSL protocol

Day 3 

  • Exercise 2: SSL protocol (continued)
  • Unit 9: Introduction to z/OS Communications Server security features
  • Unit 10: System SSL overview
  • Unit 11: TN3270 secure connection
  • Unit 12: FTP server and client secure connection
  • Unit 13: Cryptography overview: System z integrated cryptography

Day 4

  • Exercise 3: SSL client authentication and RACF auto registration
  • Unit 14: Network authentication services and Enterprise Identity Mapping
  • Unit 15: LDAP Directory Services in z/OS and the Tivoli Director Server for z/OS
  • Unit 16: An introduction to OpenSSH for z/OS
  • Exercise 4: Securing FTP with SSL: FTPS, TLS, AT-TLS

This course is not associated with any Certification.

Frequently Asked Questions (FAQs)

  • Why get IBM certified?

    IBM certifications validate your skills and expertise in a wide range of technologies, including hybrid cloud, data & AI, security, IT infrastructure, and business applications.

    These certifications are globally recognized and can help you advance your career, increase your earning potential, and demonstrate your commitment to professional development.

    IBM-certified professionals are in high demand, making them valuable assets to any organization seeking to leverage IBM's innovative solutions.

  • What to expect for the examination?

    IBM offers a variety of certification exams at different levels (Basic, Intermediate, and Advanced) covering various technologies and job roles.

    Exams typically consist of multiple-choice questions and may include scenario-based questions that assess your ability to apply your knowledge in real-world situations.

    Note: Certification requirements and policies may be updated by IBM from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • How long is IBM certification valid for?

    The validity period of IBM certifications varies. Some certifications, particularly those focused on specific product versions or technologies, may have expiration dates.

    However, many IBM certifications, especially those focused on broader skills or newer technologies, do not have an expiration date.

    Note: Certification requirements and policies may be updated by IBM from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • Why take this course with Trainocate?

    Here’s what sets us apart:

    - Global Reach, Localized Accessibility: Benefit from our geographically diverse training hubs in 16 countries (and counting!).

    - Top-Rated Instructors: Our team of subject matter experts (with high average CSAT and MTM scores) are passionate to help you accelerate your digital transformation.

    - Customized Training Solutions: Choose from on-site, virtual classrooms, or self-paced learning to fit your organization and individual needs.

    - Experiential Learning: Dive into interactive training with our curated lesson plans. Participate in hands-on labs, solve real-world challenges, and take on comprehensive assessments.

    - Learn From The Best: With 30+ authorized training partnerships and countless awards from Microsoft, AWS, Google – you're guaranteed learning from the industry's elite.

    - Your Bridge To Success: We provide up-to-date course materials, helpful exam guides, and dedicated support to validate your expertise and elevate your career.

Keep Exploring

Course Curriculum

Course Curriculum

Training Schedule

Training Schedule

Exam & Certification

Exam & Certification

FAQs

Frequently Asked Questions

img-improve-career.jpg

Improve yourself and your career by taking this course.

img-get-info.jpg

Ready to Take Your Business from Great to Awesome?

Level-up by partnering with Trainocate. Get in touch today.

Name
Email
Phone
I'm inquiring for

Inquiry Details

By providing your contact details, you agree to our Privacy Policy.