The Mainframe Technical Environment for Auditors


This course has been designed and built for Auditors who come into contact (at any level) with IBM mainframe systems in their daily work. The course encompasses an overview of the z/OS mainframe computing environment, before focusing on the security implications of the environment, as relevant to auditors. Each stage of the course builds upon the previous one, enabling attendees to consolidate what has been learned and see how it will apply to their daily work. RSM will customise the course to reflect the particular business and technical needs of clients and the current skill levels of the intended attendees.

This course is available for exclusive, one-company presentations. These can be presented on-site, at a client's location, or live, over the Internet, via RSM's Virtual Classroom Environment service.

What you will learn

On successful completion of this course you will be able to:

  • understand the audit issues relating to configuration
  • understand the audit issues relating to TSO
  • understand the audit issues relating to Batch
  • understand the audit issues relating to z/OS
  • understand the implications of using RACF utilities & exits
  • understand the DSMON output
  • List the features of ACF 2
  • describe UNIX System Services
  • describe CICS, and Db2 at a conceptual level.

Who Should Attend

This course is suitable for Auditors whose work brings them into contact with IBM mainframe systems.

Prerequisites

Exposure to the technical computing environment at their organisation.

Duration

5 days

Fee (per attendee)

P.O.A.

 

This includes free online 24/7 access to course notes.

 

Hard copy course notes are available on request from rsmshop@rsm.co.uk

at £50.00 plus carriage per set.

Course Code

MTSE

Contents

Introduction to Mainframe Enterprise Computing

What is a mainframe?; What can it do?; How does it do it?; Useful definition; Hardware and software; Types of computing; Batch; Batch processing today; Interactive; Online; Real time; Enterprise computing hardware; An IBM mainframe computer room and its contents; The processor complex; Parallel sysplex; Logical partitions; Workload Management; FICON Channels; FICON Directors (Channel Switches); Control Units; I/O units; Addressing; Local and remote; DASD Control Units; Cache storage; RAID technology used; Disk Mirroring (RAID-1); Data Striping (RAID 5); Remote Disk Copy; Why magnetic tape?; Tape cartridge technology; Automated Tape Libraries; Virtual Tape Server; Terminals; Printers; What is software?; Types of software; System Software; Exits; Application software; What does a program consist of?; Main module; Subroutines and procedures; Functions; Data; EBCDIC; ASCII; Building a program; Programming languages; Executing a program; System software - multi-programming; Base operating system - multi-programming; Sharing resources; Other operating system functions; Data access methods; Data structure; VSAM; OAM; BSAM; QSAM; BPAM; BDAM; Batch systems access; Utilities; Text editor; Assembler; Compilers; Binder; Interpreters; Mainframe networking protocols; SNA; TCP/IP; Practical operations - who runs the IT environment?; Exercise.

z/OS Software Components

z/OS and how it works; Other z/OS base products; Systems management and cryptography; Application enablement services; Distributed computing services; Communications server; e-business services; LAN services; UNIX System Services; Security Server; Other IBM program products that may be in use; Other Non-IBM products that may be in use; System Software Inventory; The z/OS operating system - MVS; Some important definitions; Address spaces; Common Area; Private Area; Private Area above the Bar; MVS in the middle?; Main components of MVS; MVS processing environments; Online; TSO; z/OS Communications Server; VTAM; TCP/IP; JES; JES2; JES3; DFSMS; SMS; DFSMSdfp; DFSMSrmm; DFSMShsm; DFSMSdss; Transaction Server; CICS; IMS; Databases; Db2; IMS; Logging; SMF; SYSLOG; CICS/Application Journals; Exercise.

The TSO Environment

What is TSO?; TSO functions; Help; Logging on; TSO - logon screen; TSO logon procedures; Logon procedure - DDnames; TSO commands; Program related & data management commands; Program related & data management commands; General & session control commands; Other TSO commands; TSO interpretive languages; TSO CLIST example; TSO REXX code example; What is ISPF?; Navigating ISPF with PF Keys; ISPF customisation; ISPF file types; ISPF data manipulation; The Data Set Utility (option 3.2); Data Set Utility (option 3.2) - Data Set Allocation; ISPF DSLIST facility; Data list options; Data list options - EDIT; SDSF; Exercise.TSO audit issues.

Understanding the Batch Environment

What is a batch environment?; Job Entry Subsystem (JES2 or JES3); Job path; JES phases; What is JCL?; Format and syntax; Rules; JCL coding syntax rules; List of all JCL statements; The JOB statement; Format; Other JOB parameters; Exercises; The EXEC statement; The COND parameter; Exercise; The Data Definition (DD) statement overview; DD parameters; Examples of DD for various dtasets; Catalogued procedures overview and format; In-stream procedures; Symbolic parameters; Executing a procedure; Submitting & viewing a JOB; System Display and Search Facility (SDSF) overview; Controlling output; Controlling devices; Stop and start initiators; Control lines; SDSF commands; Options on the primary menu; Exits that affect jobs and output; Job audit issues; JES2 EXITS; Exercise.

z/OS Security Overview

System Authorisation Facility (SAF) security principles; The process of resource access; Authorisation checking; When authorisation checking takes place, and why; RACF high performance requirements; z/OS controls & drivers; System Configuration Data Sets; NUCLEUS; SYSPARM; NUCLST; IEASYM; PARMLIB; Displaying IPL information; Good practice; System parameter list; System routines; Dataset specifications; Exit specifications; MVS tuning members; MVS debugging; Dump suppression; Authorised programs; Defining APF authorized libraries; Program Properties Table; The Linklist; Dynamic changes; SMFPRMxx; What are SVCs?; The SVC Table; User SVCs; Security products; Broadcom CA ACF2 features; Broadcom CA TopSecret features; Top Secret terminology; Corporate Security Policy; Access Control Policy; Naming standards; Security administration; RACF overview; The RACF database; RACF router & macros; The structure of the RACF database; Userids; RACF groups; RACF group rules; LISTGROUP information; Resource Profile types; Dataset profile examples; General resource class examples; OPERCMDS -Operator Commands; SURROGAT - submitting Jobs; RACF messages; The SEARCH command; Exercise.

z/OS RACF Components

RACF control options; SETROPTS; SETROPTS list attributes; Class definitions; EGN & PROTECT-ALL; Enhanced Generic Naming (EGN); PROTECT-ALL; Datasets, Groups & Userids; Single-level dataset names; Inactive Userids; Password processing; RVARY passwords & ADDCREATOR; RVARY command; Other RVARY options; User authorities; SYSTEM authority; Group authority; Actual authorities granted; Connection related authorisations; Class authorisations; Audit Special users; Resource permission; Access Levels; Universal Access; Access lists; Resource permissions; Access checking; The process of authorisation; Searching the RACF database; List dataset information; SEARCH command basics; SEARCH control parameters; Filter & Mask parameters; Auditing a User; Auditing Global Controls; Auditing access attempts; Auditing Data Set Profiles - GLOBALAUDIT; Exercise.

RACF Utilities

Protecting STARTED tasks; Setting up the STARTED class; The FACILITY class; LINKLIST; LPALIST; APFLIST; Library LookAside; Dynamic exits; RACF services; Catalog usage; Backup and recovery; SMS configuration; Tape Management System (RMM); RACF utilities; IRRDBU00; IRRRID00; IRRADU00; IRRMIN00; IRRUT100; IRRUT200; IRRUT400; RACFRW; Using Data Security Monitor (DSMON); The DSMON program; Running DSMON; System report; Program Properties Table; Group tree report; RACF authorised caller table; RACF Class Descriptor Table report; RACF exits report; RACF global access checking table report; RACF STARTED procedures table reports; Selected User Attribute Report; Selected user attribute summary report; Selected Data Sets reports; RACF tables; RACF database options; The Database Name Table; The database range table; The class descriptor table; The RACF router table; RACF exits; Common command exit; Command exits for specific commands; New-password exit; Password authentication exit; RACROUTE REQUEST=AUTH exits; RACROUTE REQUEST=DEFINE exits; RACROUTE REQUEST=FASTAUTH exits; RACROUTE REQUEST=LIST exits; RACROUTE REQUEST=VERIFY(X) exits; RACF Report-Writer exit; Administration and auditing tools; zSecure; Vanguard Administrator; Exercise.

UNIX Systems Services Overview

UNIX System Services - what are they?; The shell; Hierarchical File system (HFS); Defining userids and groups; User definition - superuser; Define regular uids & gids; Switch to superuser mode; UNIXPRIV class; UNIX System Services file and directory services; Directories; UNIX System Services file security; File access control with Permission Bits; Making the RESTRICTED attribute applicable to UNIX files; The chown command - change file owner; The chmod command - Change File Mode (permissions); Default file permissions and the unmask command; Access Control Lists (ACLs); File security packet extattr bits; Set up users' field level access to OMVS segments; Auditing UNIX System Services; Auditing options; Audit reporting; File level auditing.

CICS & IMS Overview

The CICS family; Today's CICS; Product identifiers; What is CICS?; CICS tables; What is a CICS Transaction?; What is a CICS Task?; What is a CICS Program?; Characteristics; On-line processing; IBM CICS Transaction Server for z/OS; Workload management; Access to CICS; CICS web support; CICS regions; CICS resource definitions; SIT parameters; CICS resources; Resource definition - how do you do it?; Transaction protection; CICS Transaction Server Security; The CICS - RACF Interface; The role of CICS in security control; Region-wide requirements; Interface implementation; CICS - RACF interfaces; What can ACF2 protect?; What can Top Secret protect?; IMS overview; What is it?; How does it work?; DBCTL; DB/DC; The Master Terminal; DCCTL; Resource definition; Commands; Interfaces; IMS security; What can RACF protect?.

DB2 for z/OS Overview

What is Db2?; How does it work?; Address spaces (Started tasks); Db2 data structures; Db2 system structures; Plans; Privileges; Commands; Utilities; Db2 security overview; Sign-on security; Connection security; Db2 internal security; Other options; Security strategy (Transaction Manager or Db2); Security strategy (centralised or decentralised); Using remote applications.

Broadcom CA ACF 2 & Top Secret - Security Overview

Overview of ACF 2; ACF command and subcommands; ISPF panels; Logonid records; Listing a logonid; Access rules; NEXTKEYs; Resource rules; ACF resource types; GSO; ACF Field Definition Record (ACFFDR); Report generators and utilities; User Identification string (UID); ACF 2 and RACF differences; Overview of TSS; Encompasses RACF components; Resource protection; User information repository; How does TSS work?; TSS terminology; Types of ACIDs and how they are structured; ACIDs; User ACIDs; Profile ACIDs; Group ACIDs; Department ACIDs; Division ACIDs; Zone ACIDs; Control ACID; Administrator scope & authority; Concept of Scope; Concept of Authority; The Role of the security administrator; Types of administrative authorities; Establishing global authorities; TSS modes; TSS facilities; TSS information; TSS resources; Types of resources; Ownership and authorisation; Security Validation Algorithm; Relationship between datasets and volumes; Control options and command functions; TSS commands; TSS files; Special security records; CA-Top Secret & RACF similarities; Exercise.


© RSM Technology 2022