Font size:

Learn how to administer the z/OS Security Server Resource Access Control Facility (RACF). Get an introduction to the z/OS environment, Time Sharing Option (TSO) and Interactive System Productivity Facility / Program Development Facility (ISPF/PDF), batch processing, and z/OS data sets. Gain experience with z/OS by viewing, and allocating datasets, submitting a batch job, and viewing job output. Learn how to use basic RACF command parameters, and panels, to define users and groups, protect general resources, z/OS data sets, and choose a basic set of RACF options.

Course Materials

The course materials cover z/OS Security Server RACF.

Hands-On Labs

Nine labs are included to address logging on to the z/OS system, working with z/OS data sets, submitting batch jobs to z/OS, using System Display and Search Facility (SDSF) to view jobs in the system, defining a RACF group structure, RACF user administration, delegating security administration, protecting z/OS data sets, and using RACF for TSO administration.

Hands-on lab projects may be done in teams depending on the number of attendees and location.



Highlights:
  • Understand the basic features and concepts of zSeries architecture and of the z/OS operating system as they relate to security administration
  • Describe the allocation process for data sets in the z/OS environment
  • Understand how programs access data sets and how RACF security interacts in that process
  • Identify the security requirements of an z/OS system
  • Use basic facilities and features of RACF
  • Define new users and groups to RACF
  • Use RACF to protect z/OS data sets and general resources
  • Select a base set of options to tailor RACF

Audience:

This is a basic course for individuals who are new to z/OS and the z/OS Security Server RACF and who administration security using the RACF element of the z/OS Security Server.

Experienced z/OS users should take:

  • Effective RACF Administration (BE87)

1. Review of z/Architecture and z/OS

  • Describe z/Architecture
  • Provide an overview of z/OS and its components
  • Explain the concept of virtual storage and its exploitation in z/OS
  • List the different kinds of data sets and discuss their management in z/OS
  • Name the main end-user interfaces of z/OS

2. An Introduction to ISPF and ISPF/PDF

  • Name and describe the components of ISPF
  • Log on to the lab system of this class
  • Log off from the lab system of this class
  • Start ISPF/PDF
  • Provide an overview of the structure of ISPF/PDF panels
  • Alter the ISPF/PDF settings
  • Use ISPF/PDF to view a data set

3. An Introduction to Data Sets

  • Describe data management concepts
  • Explain the data set allocation process
  • Describe the catalog structure
  • Explain how data sets are defined and used
  • Allocate a new data set
  • Edit a data set using ISPF/PDF
  • Delete a data set
  • Use ISPF/PDF data set list

4. Batch Processing

  • Name and explain the Job Entry Subsystem 2 (JES2) job processing phases
  • Describe the general layout of a job
  • List and describe the components of a Job Control Language (JCL) statement
  • Submit a batch job to z/OS
  • Use ISPF 3.8 and SDSF to handle the job output

5. Security and RACF Overview

  • Explain the role RACF plays in data security
  • List the four major functions of RACF
  • Explain how RACF allows or denies a user access to a resource, given a diagram of RACF's resource authorization checking process
  • Define the terms Universal Access Authority (UACC), access list, user profile, and resource profile
  • Describe the role of the security administrator and the auditor
  • Explain the features of RRSF

6. Administering Groups and Users

  • Describe the group structure in RACF
  • Create a group structure by defining appropriate RACF group profiles
  • Define new users to RACF
  • Implement a centralized or decentralized administrative structure

7. Protecting z/OS Data Sets

  • State the differences between generic and discrete data set profiles
  • Explain the process RACF uses to grant or deny user access to a data set
  • Use the RACF commands or panels to define data set profiles

8. Introduction to General Resources

  • Describe the concepts of general resources
  • Add a Time Sharing Option (TSO) user to RACF
  • Add a UNIX System Service user to RACF
  • Set up a user help desk function

10. RACF Options

  • Understand the impact that RACF options have on an installation
  • Identify those options that require special planning before activation
  • Identify a basic set of options appropriate for an installation

11. Other Administrative Facilities and Features

  • Describe the use of the global access table
  • Describe the purpose of the started procedure table
  • Define a protected user
  • Explain the use of the restricted user attribute
  • Use the RACF database unload utility to document your RACF system
  • Describe how to map a digital certificate to a RACF userid

The course you have selected has limited or no upcoming scheduled training dates!

Please browse similar courses or request more information for assistance. TrainUp.com's training support team will respond within one business day with relevant offerings.