iSeries and AS400 Security Concepts

Document Sample
iSeries and AS400 Security Concepts Powered By Docstoc
					       iSeries and AS/400 Security Concepts
                                               2 Days

This class provides a comprehensive treatment of iSeries and AS/400 security concepts along with
practical instruction for implementing those concepts. Tips will be provided throughout the class on
how to audit and detect faulty implementation that could compromise the system. It is designed for
those dealing with system setup and administration, including system administrators, security
officers, and IT Auditors. It is highly recommended for technical support personnel.

Prerequisites: A basic understanding of security systems. It is assumed that students have some
understanding of the AS/400's overall architecture and utilities, although this is not a requirement.

                                        Course Outline

iSeries - AS/400 Introduction                          The Security Toolkit
Menus, Commands                                        Sectools Menu Options
Finding Commands                                       Adding reports to the job scheduler
OS Architecture
                                                       Work Management Security
System Level Security                                  The Sign-on Screen
Security System Values                                 Message Queue Authority
Security Levels                                        Library Lists
Password Levels                                        Sub-system Authority
Protecting SST and DST services                        Job Descriptions

User Profiles                                          Application Security
The User Profile                                       Vendor supplied schemes
Working with User Profiles                             Application Only Access
Special Authorities                                    Database Security
Limit Capabilities                                     Program Security
User Classes                                           Security for Other Application Objects
Group Profiles
Object Ownership                                       Network Security
Adopted Authority                                      Client Access Security
Assumed Identities                                     TCP/IP Security
Prevent User Profile Hijacking                             TELNET, FTP, ODBC
Common mistakes in user profiles                       Using Exit Programs

Object Oriented Architecture                           Auditing Capabilities
A File is a File a Program is a Program                Job Logs
Data Authorities                                       History Log
Object Authorities                                     The Security Audit Journal
Security Commands for Objects                          Auditing Sensitive Objects
Security Commands for IFS Objects                      Auditing Powerful Users
Authority Shortcuts                                    Checking for Trojan Horse Programs
Authorization Lists
Common Misunderstandings                               Graphical Control with GUI Access
                                                       iSeries Navigator for Windows

                     For more information, call (636) 519-7917
                          Or e-mail
                         The 400 School, Inc – St. Louis, MO USA