Exploiting the Advanced Features of RACF (ES88G)

Exploiting the Advanced Features of RACF (ES88G)

Overview

Duration: 4 days

This course teaches you how to implement some of the advanced facilities available in Resource Access Control Facility (RACF). Through a combination of classroom lecture and hands-on lab exercises, you will learn how to establish an RRSF environment, including using RACF Remote Sharing Facility (RRSF) facilities to administer security of remote RACF databases from a single centralized location, allowing users to synchronize password changes among several associated userids, using RRSF facilities to automatically maintain synchronization of two or more separate RACF databases. Other major functions that you will study include RACF sysplex data sharing and sysplex communication, RACF support for z/OS UNIX, DB2 security using RACF, Network Job Entry (NJE) security, operator commands, program control and backup, recovery of the RACF database, PassTickets, and digital certificates and program signature.

Objectives

Course Objectives

  • Explain the features and benefits of the various advanced functions in RACF
  • Decide what features should be implemented in your installation
  • Identify any migration considerations associated with these functions
  • List the tasks that must be performed to implement the advanced security features, and develop an implementation plan
  • Make the definitions in RACF to implement the advanced security functions

Course Outline

Day 1

  • Welcome
  • Unit 1 - Introduction to RRSF
  • Exercise 1 - Defining RRSF nodes
  • Exercise 2 - Directed commands and password and passphrase synchronization
  • Exercise 3 - Remote administration
  • Exercise 4 - Automatic command and password direction

Day 2

  • Exercises 1-4 review
  • Unit 2 - RACF sysplex support
  • Unit 3 - RACF security for DB2
  • Exercise 5 - Operator command security
  • Unit 4 - Command and console security

Day 3

  • Unit 5 - RACF support for z/OS UNIX
  • Exercise 6 - Add a z/OS UNIX user
  • Exercise 7 - Using the z/OS UNIX shell
  • Exercise 8 - Using the USS ISPF shell and ISPF 3.17 Udlist function
  • Exercise 9 - Access control lists (ACLs)

Day 4

  • Exercises 6-9 review
  • Unit 6 - Controlling network job entry
  • Unit 7 - Backup and recovery of the RACF database
  • Unit 8 - Program control
  • Unit 9 - PassTickets
  • Unit 10 - Digital certificates
  • Unit 11 - Program signing and verification

Prerequisites

You should have:

  • RACF administration skills (obtained by attending BE87 Basics of z/OS RACF Administration ES19) or equivalent experience.
Course ID:
ES88G


Show Schedule for: