Advanced RACF

The Advanced RACF course will include topics that will:
  • Review at a high level parts of the mainframe hardware configuration so as to identify key areas which could affect the security of the environment
  • Review parts of the z/OS operating system to attain an understanding such that the student will be better able to understand what is being reported within RACF listings and the RACF DSMON auditor reports
  • A basic overview of RACF so that students can view security from a ‘big-picture’ standpoint, followed by more in-depth discussions about best practices for RACF implementation as well as a discussion of how RACF security can be bypassed
  • An in-depth review of RACF global settings, Group, User and Resource profile options
Students should have basic knowledge of the mainframe environment, RACF, TSO, and ISPF/PDF.
4 Days/Lecture & Lab
  • RACF administrators, managers, security architects
  • Systems programmers, database and online systems programmers, application programmers
  • IT auditors, compliance and governance personnel
  • Any person responsible for securing, reviewing, and understanding RACF in a mainframe environment
  • Components of the mainframe environment
  • Hardware configurations important for understanding access points and potential vulnerabilities
  • z/OS operating system virtualization and terminology such as LPARs and DASD
  • z/OS components including started tasks, JES, batch jobs, APF authorized libraries, and authorized programs
  • RACF security loggings, violation messages and reports, how SMF manages loggings, SMF record types, and how SMF data sets are typically managed and backed up
  • How JES supports the execution of batch jobs; examples of JCL will be explained
  • Detailed review of User, Group and Resource profiles
  • Review of user groups and different scenarios for managing them
Advanced RACF Course Summary (cont’d)
  • SPECIAL, AUDITOR, ROAUDIT, OPERATIONS user attributes and controlling their use
  • User profile group authorities, join, connect, create and use
  • Understanding the often overlooked or misunderstood fields within the User, Group and Resource profiles
  • User profile segments of TSO, OMVS, DFP, and CICS
  • Review of Restricted and Protected user attributes
  • Understanding what POSIT is and how that impacts global setting and refresh commands
  • Review of Trusted and Privileged user attributes
  • Protecting data sets on disk and tape, generic profiles vs discrete profiles, WARNING setting, standard vs conditional access lists
  • Various general resource classes to be covered including SURROGAT, GCICSTRN and TCICSTRN, STARTED, PROGRAM, APPL, TSOPROC, GLOBAL, and member vs grouping classes
  • Review RACF Global options, use of the RACF SETROPTS command, impact of changes, and a review of settings which are typically on security reviews/audits
  • RACF Authorization checking
  • Students will execute RACF commands on the training mainframe using TSO, ISPF/PDF, command lists and JCL
  • Review of various RACF listing and auditor reports called DSMON
  • Throughout the class security best practices will be emphasized

Related Scheduled Courses