Information Security Training
from the Henderson Group
HG64: How to Audit z/OS with MVS, RACF, ACF2, Top Secret, CICS, DB2, and MQ Series Security


(4 days, 32 CPE credits, $1980)




  • May 4-7, 2010 in Raleigh, NC
  • November 16-19, 2010 in Clearwater, FL

For more information on RACF seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels for IS Audit Training


This comprehensive class in mainframe auditing shows you how to audit the MVS operating system and some of the key software associated with it, including the RACF, ACF2, and TopSecret security software, the CICS transaction manager, the DB2 database manager, and the MQ Series queue manager. These are all essential components of a z/OS system.
The class "HG65: How to Audit z/OS with USS, TCP/IP, FTP, and the Internet" is a logical follow on to this class.

This class shows you how the mainframe software works, how its security works, and how to audit it. It explains the three hardware controls which form the basis of all MVS security, how MVS uses the hardware controls, and why IBM gave us backdoors to these controls. You will learn how security software such as RACF and ACF2 and TopSecret works, and how they are dependent upon effective MVS security. You will learn how CICS works and how it relies on both MVS security and security software. The class covers DB2 and MQ Series as well, showing you how they work on the mainframe, and how their security works.

You will learn a systematic approach to auditing all this, and to making practical recommendations for improvement in security for z/OS, including MVS and its associated system software.

You will learn:

  • How MVS security works and why there are backdoors
  • How the hardware controls work, what backdoors exist, and how to find them
  • How RACF and ACF2 and TopSecret work and how they fit the MVS security model
  • How CICS works and how it uses tools like RACF and ACF2 for its security
  • How DB2 works and how its security works
  • How Top Secret security works and how to audit it
  • How MQ Series security works and how to audit it
  • What data to collect and how to interpret it
  • How to conduct the audit, from planning and scoping through follow-up
  • What all the related buzzwords and acronyms mean
  • How to conduct mainframe audits rapidly and efficiently, with maximum benefit to your organization
The workbook is a valuable reference, and includes complete audit programs.

For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels






Who Should Attend HG64?
  • Information Technology auditors who will be auditing MVS, RACF, ACF2, CICS, and/or DB2
  • Financial auditors who want to learn more about IT auditing on the mainframe

Please note that you can save money by holding these classes in-house. Call Stu at (301) 229-7187 for details.

Note also the classes we offer for Information Security Training.

"Stu made mainframe controls easy to understand with matching real life examples" ---Erika Kuhn, Deloitte & Touche

"This was my first Stu Henderson class - interesting and helpful information that I know I will use again. He has a great method for simplifying technology to make it easier to understand."
---Rebecca Bauman, Financial Outsourcing Solutions, LLP


Table of Contents and Class Outline: HG64: How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security

I.   Concepts and Keywords
    A.  Introduction
        What is MVS?
        What is RACF?
        What is ACF2?
        What is TopSecret (TSS)?
        What is CICS?
        What is DB2?
        A Working Example
        Audit Rules
    B.  How MVS Security Works With Security Software

II.  Action Plan
    A.  MVS Security
        A1. How MVS Security Works
            Hardware Controls
            Backdoors
        A2. How to Audit MVS Security
            MVS REFERENCE: SYS1.PARMLIB
    B.  RACF Security
        B1. How RACF Security Works
        B2. How to Audit RACF Security
            a. Access to the System
            b. Access to Data
            c. Access to Resources
            d. Authority to Change Rules
            e. Separation of Authority
    C.  ACF2 Security
        C1. How ACF2 Security Works
        C2. How to Audit ACF2 Security
    D.  TopSecret (TSS) Security
        D1. How TSS Security Works
        D2. How to Audit TSS Security
    E.  CICS Security
        E1. How CICS Security Works
        E2. How to Audit CICS Security
            CICS REFERENCE: DFHSIT Security Operands
    F.  DB2 Security
        F1. How DB2 Security Works
        F2. How to Audit DB2 Security
    G.  MQ Series (the Message Queue Manager)
        G1. How MQ Series Security Works
        G2. How to Audit MQ Series Security
    H.  Wrap-up, Working Papers, and Follow-Up

III. Forms and Reference
    A.  Basic Security Model
    B.  Forms to Summarize MVS Images
    C.  SMF Data
    D.  DSNZPARM
    E.  DSN3@ATH and DSN3@SGN
    F.  DB2 Authorization Tables
    G.  SMF Data and the RACFRW
    H.  RACF Database Unload Utility Guide
    I.  RACF Audit Checklist
    J.  RACF SETR LIST Guide
    K.  RACF DSMON Guide

INDEX














Stu Henderson offers MVS security audits, consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.

His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".

His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet".

Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com