It is also possible to view just the permission sets known at a policy level. This is done using the –listpset option, which functions similar to the –listgroups option (see “Viewing Code groups”).
Caspol –listpset
The above command will list the permission sets at the default policy level. Using the –user/-machine/-all options as prefix to the –listpset option enables the CASPol user to choose for which policy the known permission sets should be dumped. For instance the command below will show the permission sets known both at the machine and at the user policy level.
Caspol –all -listpset