Information Security Training
from the Henderson Group 		This page is:
INFOSEC RACF TRAINING: HG04: Effective RACF

Quick Links:

HOME PAGE

CONTACT US

INFOSEC and RACF TRAINING

IT and z/OS AUDIT TRAINING

RACF USER NEWS (Describes next NYRUG Meeting

NEWSLETTERS AND USER GROUPS

ARTICLES

PRIVACY STATEMENT

ABOUT US

OTHER INFO
SOURCES


HG04: Effective RACF Administration Training


(4 days, 32 CPE credits; $1995)


  • Sept. 15-18, 2008 in Raleigh, NC
  • Feb. 24-27, 2009 in Clearwater, FL

For more information on RACF seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels for RACF Training


This up-to-date course provides you comprehensive RACF training; it show you how it works, how to use it (including the new features found in the latest release of RACF) and a valuable 400+ page reference manual.

Stu Henderson has successfully taught this course to RACF administrators, system programmers, and auditors since 1986. This is his most comprehensive RACF seminar, designed to give beginner and experienced administrator alike a detailed plan to implement RACF completely and effectively. This course will give you a non-technical understanding of RACF internals, architecture, and philosophy, which will help you in everything you do with RACF.

This class provides clear explanation of how RACF works and how it interfaces with other software. It also provides detailed explanations of all the operands of the basic RACF commands and comprehensive exercises to ensure the student is comfortable using them. The RACF panels are covered as well.

Newcomers to data processing will learn how to make effective use of RACF and the basics of RACF interfaces with other system software. Administrators already familiar with computer room procedures and with system software such as JES, CICS, and VTAM will learn the details of how to use RACF effectively to support them. Whatever your level of experience, this course will stretch your knowledge of how the system works and how to make RACF work for you.

This class covers RACF with MVS, with OS/390, with z/OS, as well as with the VM operating system.

To fully master the implementation and administration of RACF, this RACF training should be taken several months prior to the HG05: Advanced RACF Administration seminar.

Students receive a 400+ page workbook which they will a find a valuable reference manual.

Return to Top of Page

Return to Home Page


Who Should Attend HG04?

  • Data Security Administrators and Officers and EDP Auditors

  • Beginners through advanced RACF practitioners

  • Anyone who wants to stretch his knowledge of RACF
You do not have to be a technician to benefit from this RACF seminar. If you've ever logged onto TSO, then you have the knowledge to benefit from this class.

Return to Top of Page

Return to Home Page


HG04: This Course Will Teach You
  • How RACF works
  • How to roll it out quickly, easily, and effectively
  • User IDs, User Attributes, UIDs, and UUIDs
  • Group Structure, Attributes, and Strategy for Delegation
  • OS/390 Security Server and z/OS Security Server
  • Effective Password Administration
  • Protection of Datasets and Resources
  • Records in the RACF Dataset
  • Ownership and Authority
  • Protection of CICS, IMS, and VM

Please note that you can save money by holding these classes in-house. Call Stu at (301) 229-7187 for details.

Note also the classes we offer for Information Technology Audit Training, as listed on the left under QUICK LINKS.

Return to Top of Page

Return to Home Page



"Being a novice to RACF, this training class has made me feel as though I can jump right in and work and communicate with the seasoned RACF admins." --- Steven Wallstedt, Dime Savings Bank


"I came into the class having no idea how to use RACF. By the last day of the workshop, I had all the tools needed to begin implementation in our company."
--- Dee King, Rockwell Semiconductor Systems 


                          HG04 Seminar Workbook
                            TABLE OF CONTENTS
                                                       Page
I    CONCEPTS AND KEYWORDS                                3
        WHAT TO EXPECT FROM THIS SEMINAR                  3
        WHAT IS RACF AND WHAT DOES IT DO?                 5
        THE SECURITY ADMINISTRATOR                        7
        KEY INDICATORS OF EFFECTIVE SECURITY              9
        TECHNICAL AND BUSINESS RISKS                     10
        RELEASE NOTES                                    12
        USERS, USERIDS, USER ATTRIBUTES, UIDS, UUIDS     20
        GROUP STRUCTURE, ATTRIBUTES, AND STRATEGY        28
        PASSWORDS                                        29
        DATASET AND RESOURCE RULES                       32
        ACCESS PERMISSIONS                               33
        RACF DATASET AND ITS RECORDS                     36
        OWNERSHIP AND AUTHORITY                          41
        SECURITY LABELS AND TOKENS (RACF 1.9)            46
        HOW RACF WORKS                                   55
                                                 
II   ACTION STEPS                                        62
        IMPLEMENTING RACF                                62
        HOW TO ADMINISTER GROUPS                         78
        HOW TO ADMINISTER USERS                         102
        DELEGATION OF AUTHORITY                         148
        HOW TO ADMINISTER DATASET RULES                 163
        HOW TO PERMIT ACCESS                            203
        RESOURCE CLASSES                                229
        RESOURCE CLASSES FOR DATA ACCESS                250
        RESOURCE CLASSES - MISCELLANEOUS                257
        RESOURCE CLASSES FOR TSO                        286
        RESOURCE CLASSES FOR SMS                        291
        RESOURCE CLASSES FOR ORANGE BOOK SECURITY       292
        RESOURCE CLASSES FOR JES                        301
        RESOURCE CLASSES FOR TERMINALS AND NETWORKS     309
        RESOURCE CLASSES FOR VM                         329
        RESOURCE CLASSES FOR IMS                        348
        RESOURCE CLASSES FOR CICS                       355
                                                    
III  FORMS AND REFERENCE                                371
        A)  THE SEARCH COMMAND                          372
        B)  UTILITIES: DB AND SMF UNLOAD, REMOVE ID     376
        C)  OPERATOR COMMANDS FOR RACF SUBSYSTEM        385
        D)  RACF COMMAND SUMMARY EXAMPLES               386
        E)  ISPF SCREENS FOR RACF                       398
        F)  RACHECK LOGIC FLOW                          405
        G)  SECURED SIGNON (RACF 1.9.2)                 407
                                                
INDEX                                                   410


Return to Top of Page

Return to Home Page












Stu Henderson offers consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.

His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".

His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet"

Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com