Interested in bringing a class to you? Onsite training
Overview
| Course code | ES191 | Skill level | Basic |
|---|---|---|---|
| Duration | 4.5 days | Delivery type | Classroom
(Hands-on labs) |
| Course type | Public or Private on-site | ||
| Public price | USD $3,760.00 plus tax | ||
Learn how to administer the z/OS Security Server Resource Access Control Facility (RACF). Get an introduction to the z/OS environment, Time Sharing Option (TSO) and Interactive System Productivity Facility / Program Development Facility (ISPF/PDF), batch processing, and z/OS data sets. Gain experience with z/OS by viewing, and allocating datasets, submitting a batch job, and viewing job output. Learn how to use basic RACF command parameters, and panels, to define users and groups, protect general resources, z/OS data sets, and choose a basic set of RACF options.
Course Materials
The course materials cover z/OS Security Server RACF.
Hands-On Labs
Nine labs are included to address logging on to the z/OS system, working with z/OS data sets, submitting batch jobs to z/OS, using System Display and Search Facility (SDSF) to view jobs in the system, defining a RACF group structure, RACF user administration, delegating security administration, protecting z/OS data sets, and using RACF for TSO administration.
Hands-on lab projects may be done in teams depending on the number of attendees and location.
Training Path
This course is part of an IBM Training Path. Taking this course in the recommended sequence allows you to maximize the benefits from your education.
http://www.ibm.com/services/learning/ites.wss/us/en?pageType=page&contentID=a0000627
View this course in other countries
Training Paths that reference this course are:
Audience
This is a basic course for individuals who are new to z/OS and the z/OS Security Server RACF and who administration security using the RACF element of the z/OS Security Server.
Experienced z/OS users should take:
- Effective RACF Administration (H3927)
Prerequisites
Some familiarity with z/OS system facilities is beneficial. Background material needed to proceed is presented the first day.
Skills taught
- Understand the basic features and concepts of zSeries architecture and of the z/OS operating system as they relate to security administration
- Describe the allocation process for data sets in the z/OS environment
- Understand how programs access data sets and how RACF security interacts in that process
- Identify the security requirements of an z/OS system
- Use basic facilities and features of RACF
- Define new users and groups to RACF
- Use RACF to protect z/OS data sets and general resources
- Select a base set of options to tailor RACF
Course outline
Review of z/Architecture and z/OS
- describe z/Architecture
- provide an overview of z/OS and its components
- explain the concept of virtual storage and its exploitation in z/OS
- list the different kinds of data sets and discuss their management in z/OS
- name the main end-user interfaces of z/OS
An introduction to ISPF and ISPF/PDF
- name and describe the components of ISPF
- log on to the lab system of this class
- log off from the lab system of this class
- start ISPF/PDF
- provide an overview of the structure of ISPF/PDF panels
- alter the ISPF/PDF settings
- use ISPF/PDF to view a data set
An introduction to data sets
- describe data management concepts
- explain the data set allocation process
- describe the catalog structure
- explain how data sets are defined and used
- allocate a new data set
- edit a data set using ISPF/PDF
- delete a data set
- use ISPF/PDF data set list
Batch processing
- name and explain the Job Entry Subsystem 2 (JES2) job processing phases
- describe the general layout of a job
- list and describe the components of a Job Control Language (JCL) statement
- submit a batch job to z/OS
- use ISPF 3.8 and SDSF to handle the job output
Security and RACF overview
- explain the role RACF plays in data security
- list the four major functions of RACF
- explain how RACF allows or denies a user access to a resource, given a diagram of RACF's resource authorization checking process
- define the terms Universal Access Authority (UACC), access list, user profile, and resource profile
- describe the role of the security administrator and the auditor
- explain the features of RRSF
Administering groups and users
- describe the group structure in RACF
- create a group structure by defining appropriate RACF group profiles
- define new users to RACF
- implement a centralized or decentralized administrative structure
Protecting z/OS data sets
- state the differences between generic and discrete data set profiles
- explain the process RACF uses to grant or deny user access to a data set
- use the RACF commands or panels to define data set profiles
Introduction to general resources
- describe the concepts of general resources
- add a Time Sharing Option (TSO) user to RACF
- add a UNIX System Service user to RACF
- set up a user help desk function
RACF options
- understand the impact that RACF options have on an installation
- identify those options that require special planning before activation
- identify a basic set of options appropriate for an installation
Other administrative facilities and features
- describe the use of the global access table
- describe the purpose of the started procedure table
- define a protected user
- explain the use of the restricted user attribute
- use the RACF database unload utility to document your RACF system
- describe how to map a digital certificate to a RACF userid
My IBM
We're here to help
Easy ways to get the answers you need.
or call us at
Call 1-800-426-8322
Open M-F 9AM-7PM ET.
