- identify the need for security in business information systems
- explain all major RACF commands
- explain dataset and general resources
- understand how to connect users to groups
- understand the dataset related commands to manage both discrete and generic profiles
- understand the commands to manage general resources
- describe the audit facilities available in RACF
- use and explain the operation of the setropts management commands.
What is required of a security system?; IBM's Resource Access Control Facility (RACF); Main RACF/MVS components; How does RACF work?; RACF Profiles; RACF classes; Controlling access; RACF commands.Planning for RACF
Management commitment; Selecting a security planning and implementation team; Responsibilities of the implementation team; Deciding what to protect; Deciding how to protect data; Establishing ownership structures; Establishing who needs access.RACF Group Structure
RACF group structure; Group types; Data set owning groups; Users owning groups; General Resource groups; Concept of group and profile ownership; Administration delegation; Benefits of RACF groups; Defining RACF groups; Group CONNECT authority; Group profile contents; Group related commands.Defining Users to RACF
Information on users; RACF user information; DFP segment information; TSO segment information; OPERPARM segment information; NETVIEW segment information; CICS segment information; OMVS segment information; Defining a new User; Prepare to create the user profile; Create the User Profile; Give user access to any RACF-protected areas; User-related commands; User attributes; Classifying users and data; Security categories and levels; Security labels.Defining Data Sets to RACF
Data set related commands; Data set protection; Discrete profiles; Generic profiles; Rules for defining data set profiles; Naming Convention; Data set profile ownership; Defining Generic Profiles; Access authority for data sets; Adding data set profiles - ADDSD; Permitting access (PERMIT command).Defining General Resources
General Resource related commands; Class Descriptor Table (CDT); IBM-defined Resource Classes; Steps for defining General Resource profiles; Granting access to a General Resource; Global Access Table (GAT).Maintenance & Housekeeping
Maintenance and housekeeping activities; SETROPTS command options; Options for initial setup; In-storage profiles; SETROPTS REFRESH Option; Maintaining the RACF database(s); Maintenance utilities; Maintaining the Started Task Table; Data Security Monitor (DSMON).