Základní info
  Overview
This course provides database administrators and IT security professionals with the knowledge and practical skills needed to implement and manage robust security in IBM Db2 v12.1 environments. Learners will explore the fundamentals and advanced concepts of Db2 security, including authentication, authorization, and privilege hierarchies. 
This course covers key topics such as configuring access controls, utilizing database roles and authorities, managing data encryption for secure communications, and applying advanced security features like Row and Column Access Control (RCAC), Label-Based Access Control (LBAC), and Trusted Contexts for multi-tiered architectures. 
Additionally, students will examine Db2’s built-in auditing capabilities to monitor compliance and ensure secure database operations.
Audience
This course is ideal for DBAs managing user access, security, and troubleshooting contention problems.
Prerequisites
Participants should have the following:
- Completion of Db2 12.1: Essentials for Relational DBAs or equivalent skills
- Completion of Db2 12.1: Data Management and Recovery for Relational DBAs or equivalent skills
- Some experience with Db2 database administration (or completion of the Db2 Data Management and Recovery course)
- Basic knowledge of access control and security concepts
Objective
- Explain the purpose and mechanisms of Db2 serialization techniques, including locking, versioning, and latching
- Differentiate between Db2 isolation levels (UR, CS, RS, RR) and describe how they control data visibility and prevent concurrency anomalies
- Analyze the behavior of lock modes and scopes and predict their impact on concurrency and performance
- Monitor and troubleshoot lock-related issues in Db2, including lock escalation, timeouts, deadlocks, and lock waits, using built-in SQL queries, event monitors, and Db2 utilities like db2pd
- Distinguish between authentication and authorization in Db2
- Identify and explain the hierarchy of Db2 authorities and privileges, including instance-level, database-level, schema-level, and tenant-level controls
- Demonstrate how to grant, revoke, and audit privileges using system catalog views and SQL statements, and manage access through users, groups, and database roles
- Configure and administer security responsibilities using Db2 task authorities, including SECADM, DBADM, ACCESSCTRL, and DATAACCESS
- Describe the available encryption methods for securing Db2 database connections and explain how they protect data in transit
- Configure and manage Row and Column Access Control (RCAC) to enforce fine-grained data access policies within a Db2 database
- Explain the concept and benefits of Trusted Context in a three-tier architecture and how to define and use it for controlled user access
- Compare Label-Based Acess Control (LBAC) and RCAC and summarize how Db2 auditing features support monitoring and compliance requirements
Course Outline
Unit 1: Locking and Concurrency Control
Unit 2: Security and Access Control Fundamentals
Unit 3: More about Db2 Security and Access Control