Advanced RACF Instructor-Led Training Course

Add To Watch List Request In Your Area Request Private Class View PDF

PT27237

Training Summary

The Advanced RACF course will include topics that will:

Review at a high level parts of the mainframe hardware configuration so as to identify key areas which could affect the security of the environment
Review parts of the z/OS operating system to attain an understanding such that the student will be better able to understand what is being reported within RACF listings and the RACF DSMON auditor reports
A basic overview of RACF so that students can view security from a ‘big-picture’ standpoint, followed by more in-depth discussions about best practices for RACF implementation as well as a discussion of how RACF security can be bypassed
An in-depth review of RACF global settings, Group, User and Resource profile options

Prerequisites

Students should have basic knowledge of the mainframe environment, RACF, TSO, and ISPF/PDF.

Duration

4 Days/Lecture & Lab

Audience

RACF administrators, managers, security architects
Systems programmers, database and online systems programmers, application programmers
IT auditors, compliance and governance personnel
Any person responsible for securing, reviewing, and understanding RACF in a mainframe environment

Course Topics

Components of the mainframe environment
Hardware configurations important for understanding access points and potential vulnerabilities
z/OS operating system virtualization and terminology such as LPARs and DASD
z/OS components including started tasks, JES, batch jobs, APF authorized libraries, and authorized programs
RACF security loggings, violation messages and reports, how SMF manages loggings, SMF record types, and how SMF data sets are typically managed and backed up
How JES supports the execution of batch jobs; examples of JCL will be explained
Detailed review of User, Group and Resource profiles
Review of user groups and different scenarios for managing them

Advanced RACF Course Summary (cont’d)

SPECIAL, AUDITOR, ROAUDIT, OPERATIONS user attributes and controlling their use
User profile group authorities, join, connect, create and use
Understanding the often overlooked or misunderstood fields within the User, Group and Resource profiles
User profile segments of TSO, OMVS, DFP, and CICS
Review of Restricted and Protected user attributes
Understanding what POSIT is and how that impacts global setting and refresh commands
Review of Trusted and Privileged user attributes
Protecting data sets on disk and tape, generic profiles vs discrete profiles, WARNING setting, standard vs conditional access lists
Various general resource classes to be covered including SURROGAT, GCICSTRN and TCICSTRN, STARTED, PROGRAM, APPL, TSOPROC, GLOBAL, and member vs grouping classes
Review RACF Global options, use of the RACF SETROPTS command, impact of changes, and a review of settings which are typically on security reviews/audits
RACF Authorization checking
Students will execute RACF commands on the training mainframe using TSO, ISPF/PDF, command lists and JCL
Review of various RACF listing and auditor reports called DSMON
Throughout the class security best practices will be emphasized

Advanced RACF