Monitoring security

This set of topics discuss various techniques for monitoring and auditing security on your system.

In a security audit, you would be reviewing and examining the activities of a data processing system to test the adequacy and effectiveness of procedures for data security and data accuracy. The security audit journal is the primary source of auditing information on the system. A security auditor inside or outside your organization can use the auditing function provided by the system to gather information about security-related events that occur on the system.

An intrusion detection system is software that detects attempts or successful attacks on monitored resources that are part of a network or host system.

Monitoring security regularly has two basic goals:

• Making sure that you protect your company resources adequately.

• Detecting unauthorized attempts to access your system and your company’s information.

This set of topics describes the tasks for auditing and monitoring system security:

• Planning security auditing
  Use this information to plan security auditing for your systems.

• Preventing and detecting security exposures
  This information is a collection of tips to help you detect potential security exposures.

• Monitoring access to output and job queues
  This topic describes how to monitor access to output and job queues, explains why it is important, and provides step-by-step instructions.

• Monitoring subsystem descriptions
  This topic provides suggestions for reviewing the subsystem descriptions that currently exist on your system.

• Monitoring authority
  This topic provides basic suggestions for monitoring the effectiveness of the security safeguards on your system.

• Monitoring security messages
  How to monitor security messages and why they are important

• Preventing loss of auditing information
  This topic describes which information to look for to prevent loss of auditing information.

• Managing the journal receivers
  How to manage the journal receivers.

• Saving and deleting audit journal receivers
  This topic describes how to save and delete audit journal receivers, explains why it is important, and provides step-by-step instructions.

• Stopping the audit function
  How to turn off the auditing function

• Using the history log
  How to use the history log, why it is important, and step-by-step instructions for setting it up.

Parent topic: