HG64: How to Audit z/OS with MVS, RACF, ACF2, Top Secret, CICS, DB2, and MQ Series Security

(4 days, 32 CPE credits, $2300 )

November 16-19, 2020
This session will be delivered online over the Internet.
Please click: Here to inquire about planned online sessions.

Please click: Here for Registration Form to register or to inquire about planned online sessions.

For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels for IS Audit Training

This comprehensive class in mainframe auditing shows you how to audit the MVS operating system and some of the key software associated with it, including the RACF and ACF2 and TopSecret security software,

Click here to see what students say

the CICS transaction manager, the DB2 database manager, and the MQ series queue manager. These are all essential components to a z/OS system.

The class HG65: How to Audit z/OS with USS, TCP/IP, FTP, and the Internet is a logical follow on to this class.

This class shows you how the mainframe software works, how its security works, and how to audit it. It explains the three hardware controls which form the basis of all MVS security, how MVS uses the hardware controls, and why IBM gave us backdoors to these controls. You will learn how security software such as RACF and ACF2 and TopSecret works, and how they are dependent upon effective MVS security. You will learn how CICS works and how it relies on both MVS security and security software. The class covers DB2 and MQ Series as well, showing you how they work on the mainframe, and how their security works.

You will learn a systematic approach to auditing all this, and to making practical, recommendations for improvement in security for z/OS, including MVS and its associated system software.

HG64: You Will Learn:

How MVS security works and why there are backdoors
How the hardware controls work, what backdoors exist, and how to find them
How RACF and ACF2 and TopSecret work and how they fit the MVS security model
How CICS works and how it uses tools like RACF and ACF2 for its security
How DB2 works and how its security works
How Top Secret security works and how to audit it
How MQ Series security works and how to audit it
What data to collect and how to interpret it
How to conduct the audit, from planning and scoping through follow-up
What all the related buzzwords and acronyms mean
How to conduct mainframe audits rapidly and efficiently, with maximum benefit to your organization

The workbook is a valuable reference, and includes complete audit programs.

Who Should Attend HG64?

Information Techology auditors who will be auditing MVS, RACF, ACF2, CICS, DB2 and/or MQ Series
Financial auditors who want to learn more about IT auditing on the mainframe

Class Outline

     Table of contents and Class Outline: HG64: How to Audit z/OS with 
	MVS, RACF, ACF2, TopSecret, CICS,  DB2, and MQ Series Security
							 
I     Concepts and Keywords					  
	A.     Introduction					  
		What is MVS?				
		What is RACF?			 	
		What is ACF2?			 	
		What is TopSecret (TSS)?			
		What is CICS?				
		What is DB2?				
		A Working Example				
		Audit Rules				
	B.     How MVS Security Works With Security Software	

II.     Action Plan						 
	A.     MVS Security					 
		A1.     How MVS Security Works 		 
			Hardware Controls		 	 
			Backdoors			 
		A2.     How to Audit MVS Security		
		   MVS REFERENCE:   SYS1.PARMLIB		
	B.     RACF Security					
		B1.     How RACF Security Works 		
		B2.     How to Audit RACF Security		
			a.     Access to the System		
			b.     Access to Data			
			c.     Access to Resources		
			d.     Authority to Change Rules	
			e.     Separation of Authority	
	C.     ACF2 Security				
		C1.     How ACF2 Security Works 	
		C2.     How to Audit ACF2 Security	
	D.     TopSecret (TSS) Security			
		D1.     How TSS Security Works 	
		D2.     How to Audit TSS Security	
	E.     CICS Security				
		E1.     How CICS Security Works 	
		E2.     How to Audit CICS Security	
    		  CICS REFERENCE:   DFHSIT Security Operands	
	F.     DB2 Security					
		F1.     How DB2 Security Works 			
		F2.     How to Audit DB2 Security		
	G.     MQ Series (the Message Queue Manager)		
		G1.     How MQ Series Security Works		
		G2.     How to Audit MQ Series Security		
	H.     Wrap-up, Working Papers, and Follow-Up		

III   Forms and Reference					
	A.     Basic Security Model				
	B.     Forms to Summarize MVS Images			
	C.     SMF Data					
	D.     DSNZPARM					
	E.     DSN3@ATH AND DSN3@SGN			
	F.     DB2 AUTHORIZATION TABLES			
	G.     SMF Data and the RACFRW			
	H.     RACF Database Unload Utility Guide		
	I.      RACF Audit Checklist			
	J.      RACF SETR LIST Guide			
	K.     RACF DSMON Guide			
INDEX

Please note that these seminars are available for In-House Sessions.

You can save more money by learning about our seminar Discounts

Return to Top of Page Return to Home Page

Stu Henderson offers MVS security audits, consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.
His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".
His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet". They also include "How to Audit TCP/IP Security" and "How to Audit UNIX and Windows Security".
Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com