This four-day, hands-on class is the definitive RACF course for technicians and administrators. The course, designed and written by RACF specialists, is regularly revised and updated to match developments in the RACF and z/OS environments.<br><br>It introduces and explains the concepts, terminology, commands, and procedures involved in administering and auditing RACF. All major aspects of day-to-day RACF administration and auditing are covered.<br>To ensure full understanding, a number of realistic practical exercises are performed during this course.<br><br>This course is also available for one-company, on-site presentations and for live presentation over the Internet, via the Virtual Classroom Environment service.
RACF Administration & Auditing
Attendees should have a clear understanding of z/OS at a conceptual and practical level. A working knowledge of TSO/ISPF and JCL is also required.
- explain the need for security in business information systems
- describe how RACF meets business information systems security needs
- design a group structure to meet their installation’s requirements
- explain & use RACF commands
- describe the effect of the various group profile related parameters
- explain the management and use of the various non-RACF segments in user profiles
- connect users to groups and manage the assigned group authorities
- use the dataset related commands to manage both discrete and generic profiles
- manage general resources
- use and explain the operation of the basic setropts management commands
- use and interpret the output of the Data Security Monitor
- use the database unload utility, cross reference utility, remove id utility, database verification utility, database split/merge/extend utility, and the database block update utility
- run and interpret auditing reports.
Introduction to RACF
What is RACF?; Why do we need security?; Security in the 'old days'; Security these days; What security do we need?; Where are the dangers?; How can RACF help?; RACF profiles; How RACF operates; The RACF database; Multiple data set database; Resource classes.The RACF Manuals
The manual library; RACF Security Administrators' Guide; RACF features; z/OS features; Other products; Related non-RACF manuals; RACF command language reference; BookManager and Adobe pdf.Planning for Security
The Security Policy; Resource ownership; How to protect resources?; Grouping resources and users; Document the plan.Group Structure
What are Groups?; Why have Groups?; Users and Groups; The initial group structure; The Group Hierarchy; System Special and Group Special; Group Profile ownership; Group connections.The RACF Commands
Entering RACF commands; RACF commands and the manuals; Entering RACF commands in batch; Entering commands via a CLIST; Online Help.Defining RACF Groups
Group profile commands; Basic ADDGROUP; Specifying the SUPerior GROUP & OWNER; Other ADDGROUP parameters; Non-RACF segments - DFP, z/OS and zVM; Full ADDGROUP syntax; Full ALTGROUP syntax; Full LISTGRP syntax; LISTGRP output; Full DELGROUP syntax; Group command authority; SEARCH command.Defining Users
User profile commands; Basic ADDUSER; Specifying the default group; Group authority; Class authority; RACF authorities; RACF attributes; Security levels and security categories; Security level checking; Security category checking; Security labels; Other ADDUSER parameters; Non-RACF segments; Full ADDUSER syntax; Basic ALTUSER; ALTUSER-only parameters; Full LISTUSER syntax; LISTUSER output; Full DELUSER syntax; User command authority; Basic PASSWORD; Changing other users' passwords; Full syntax of PASSWORD; Password command authority.Connecting Users to Groups
Connect and Remove Commands; Basic CONNECT; Full CONNECT Syntax; Basic REMOVE; Full REMOVE Syntax; Connect/Remove command authority.Dataset Profiles
Dataset profile commands; Basic ADDSD; Discrete data set profiles; Discrete profile parameters; Generic data set profiles; Generic wildcard characters - %; Generic wildcard characters - *; Generic wildcard characters - **; Specifying data set attributes; Access levels; Auditing access attempts; Profile copying; Security level & category checking; Other profile attributes; Full ADDSD syntax; Basic ALTDSD; ALTDSD-only parameters; Full ALTDSD syntax; Basic LISTDSD; Listing many data set profiles; Listing generic or discrete profiles; Specifying what to list; Full LISTDSD syntax; LISTDSD output; Full DELDSD syntax; Data set command authority; Basic PERMIT; Conditional access lists; Permitting many users access; Removing users and groups; Deleting access lists; Full PERMIT syntax; PERMIT command authority; SETROPTS REFRESH GENERIC(data set); SEARCH command basics; SEARCH control parameters; The FILTER & MASK parameters.General Resource Profiles
General resource profile commands; Basic RDEFINE; Common RDEFINE parameters; Adding additional profile information; When the class is CONSOLE; When the class is OPERCMDS; When the class is CDT; When the class is SURROGAT; The Started Task Table; Using ICHRIN03; Using the STARTED class; When the class is TAPEVOL; Full RDEFINE syntax; Resource grouping classes; Protecting CICS transactions; Protecting load modules; Protecting SDSF; Basic RALTER; RALTER-only parameters; Full RALTER syntax; Basic RLIST; Common RLIST parameters; Listing Non-RACF segments; Special RLIST features; Full RLIST syntax; RLIST output; Full RDELETE syntax; Remember PERMIT?; General resource command authority; The Global Access Checking table; In-storage profiles; In-storage profile parameters.Auditing RACF
Auditing RACF; Auditor parameters; RACF Report Writer; Basic RACFRW commands; Full RACFRW syntax; Full SELECT syntax; Basic EVENT command; Full EVENT syntax; Full LIST syntax; RACFRW output example; Full SUMMARY syntax; RACF SMF data Unload utility; SMF Unload utility JCL; Using the unloaded RACF SMF data; Processing the RACF SMF data with DB2; Other reporting tools; The Data Security Monitor; The System & Group Tree Reports; Program Properties & Auth Caller Table Reports; Class Descriptor Table & RACF Exits Report; Global Access Table Report; Started Procedures Table Report; Selected User Attribute Reports; Selected Data Sets Report.RACF Utility Programs
The database unload utility; The database cross-reference utility; The database cross-reference utility output; The RACF remove ID utility; The database verification utility; The database split/merge/extend utility; The database block-update utility command.
Face-to-face learning in the comfort of our quality nationwide centres, with free refreshments and Wi-Fi.
Find dates and prices
We have 5 courses available across 2 locations on 5 different dates
EastCall us on 0113 220 7150 to discuss availability in this region.Contact us
London1 Location / 3 coursesView dates
MidlandsCall us on 0113 220 7150 to discuss availability in this region.Contact us
NorthCall us on 0113 220 7150 to discuss availability in this region.Contact us
ScotlandCall us on 0113 220 7150 to discuss availability in this region.Contact us
South1 Location / 2 coursesView dates
Attend from AnywhereCall us on 0113 220 7150 to discuss availability in this region.Contact us
All locations2 Locations / 5 coursesView dates
Fully accredited to ensure we provide the highest possible standards in learning