System Security for Red Hat Linux

Course Code: RHLSS

Duration: 4 days

 
 

System Security for Red Hat Linux Course Overview

This highly practical instructor led System Security for Red Hat Linux course is aimed at Linux System Administrators who wish to enhance their knowledge of Red Hat Linux security and increase the security of their Red Hat Linux systems.

The course covers security related tasks for Red Hat Enterprise Linux (RHEL) and CentOS Linux systems. The topics taught would also be relevant for all Linux distributions.

Exercises and examples are used throughout the course to give practical hands-on experience with the techniques covered.

Course Objectives

This course aims to provide the delegate with the knowledge to be able to query their Red Hat Linux system for most security related events and harden many aspects of their system. The course explains the; Linux logging and auditing framework, SELinux, the firewall, certificate authorities, network time, Secure Shell, Pluggable Authentication Modules, host intrusion and detection, password cracking, the sudo command, encrypting files and OpenVPN.

Who will the Course Benefit?

The System Security for Red Hat Linux course is aimed at Linux System Administrators who wish to expand their knowledge of the many Red Hat Linux security features and increase the security level of their Red Hat Linux systems.

Skills Gained

The delegate will learn and acquire skills as follows:

  • Linux security basics, precautions and common attack methods
  • Viewing and configuring the key Linux log files
  • Querying and configuring the Linux Audit Framework
  • Knowledge and execution of key SELinux commands
  • Modifying SELinux policy and policy modules
  • Configuring the Red Hat firewall
  • Securing Linux applications with certificates
  • Securing applications with TCP wrappers
  • Securing SSH
  • Installing and configuring a Host Intrusion Detection System
  • Detecting root kits, viruses and other malware
  • Identifying security updates and signing packages
  • Increasing system security with PAM
  • Installing and configuring a password cracking utility
  • Basic and advanced sudo configuration
  • Securing Linux logins
  • Enhancing filesystem security and encrypting files
  • Configuring enhanced permissions and Access Control Lists
  • Configuring an OpenVPN server and client

System Security for Red Hat Linux Training Course

Course Introduction

  • Administration and Course Materials
  • Course Structure and Agenda
  • Delegate and Trainer Introductions

Session 1: INTRODUCTION TO LINUX SECURITY

  • Linux Native Security
  • Areas of Security
  • Common Attack Methods
  • Basic Security Precautions
  • Standards and Compliance

Session 2: SECURING THE USER ENVIRONMENT

  • Managing User Accounts
  • Bash history
  • Configuring History
  • Confining User History

Session 3: LOGGING WITHIN LINUX

  • Linux Log Files
  • systemd Journal
  • Linux Audit Framework
  • Generating Audit Queries
  • Configuring Auditing
  • Defining Auditing Rules

Session 4: SELinux

  • DAC vs MAC
  • The SELinux Policy
  • SELinux Contexts
  • SELinux Key Commands
  • Viewing SELinux Decisions
  • SELinux Booleans
  • Exporting SELinux Configuration

System Security for Red Hat Linux Training Course

Session 5: SELinux MODULES

  • SELinux Entities
  • SELinux Modules
  • Administering Modules
  • Creating Modules With audit2allow
  • Writing SELinux Modules
  • The Type Enforcement File

Session 6: RED HAT FIREWALL

  • Firewalld Overview
  • Firewalld vs IPTables
  • Firewall Zones
  • Configuring Firewall
  • Creating a Firewall Service
  • Configuring Firewall Zones
  • Rich Rules
  • Fail2ban Installation and Configuration

Session 7: SECURING SSH

  • Key Algorithms
  • SSH Agents
  • SSH Server Options
  • The known_hosts File
  • Certificate Based Authentication
  • Verifying Signed Certificates

Session 8: SECURING APPLICATIONS

  • Certificate Based Authentication
  • Creating a Certificate Authority
  • Configuring Logging with TLS
  • TCP Wrappers
  • Network Time
  • chrony Security
  • Authenticating chrony Clients

System Security for Red Hat Linux Training Course

Session 9: INTRUSION DETECTION AND PREVENTION

  • Detecting Intrusions with AIDE
  • Installing and Configuring AIDE
  • Detecting and Removing Rootkits
  • Installing and Configuring ClamAV

Session 10: SECURING PACKAGES

  • Red Hat Package Management
  • Obtaining Detailed Update Information
  • Package Management History
  • Creating an rpm Package
  • Signing an rpm Package
  • Installing a Signed rpm
  • Creating a Package Repository

Session 11: PLUGGABLE AUTHENTICATION MODULES

  • PAM File Format
  • PAM Configuration File
  • Using PAM to Allow/Deny a Service
  • Restricting Access to SSH
  • Increasing Password Complexity
  • Delaying Failed Logins
  • Controlling Access by Time
  • Limiting user Resources

Session 12: CRACKING LINUX PASSWORDS

  • Password Hashing Methods
  • Verifying Password Strength
  • Types Of Password Attacks
  • Password Cracking
  • Installing a Password Cracking Utility
  • Installing a Word List
  • Resetting a Lost root Password

System Security for Red Hat Linux Training Course

Session 13: SUDO AND RESTRICTING LOGINS

  • Configuring Sudo
  • Basic Examples
  • Password Administration
  • Running Sudo On Remote Systems
  • Sudoedit
  • Sudo Logging
  • Sudo Digests
  • Include Statements
  • Restricting root Access

Session 14: SECURING THE LINUX FILESYSTEM

  • Linux Filesystem Security
  • Protecting the Boot Menu
  • Securely Erasing Data
  • Data Sanitisation Methods
  • Extended Permissions
  • Extended File Attributes
  • File Access Control Lists
  • LUKS Encrypted Partitions

Session 15: AN OVERVIEW OF RED HAT IDENTITY MANAGEMENT

  • Red Hat Identity Management
  • The Identity Management Domain
  • IdM Server Configuration Options

APPENDIX A: IdM INSTALLATION

  • IdM Server Prerequisites
  • Verifying DNS Configuration
  • IdM Server Installation
  • IdM Client Installation

APPENDIX B: SECURING VSFTPD WITH SSL/TLS

  • Creating an SSL Certificate
  • Configuring VSFTPD FOR SSL/TLS
Notes:
  • Course technical content is subject to change without notice.
  • Course content is structured as sessions, this does not strictly map to course timings. Concepts, content and practicals often span sessions.

Requirements

Delegates attending this course should have experience of administering Linux in an Enterprise environment to the level covered in the Administering Red Hat Linux 7 - Part 1 course.

Pre-Requisite Courses

Public Scheduled Events

Classroom & Live Virtual Instructor-Led Training

Duration: 4 days

Price: £2,100.00 exc. VAT 


Start Date Options Spaces  
29 Mar 2021
StayAhead Virtual Courses available 
Spaces Book Now 
17 May 2021
StayAhead Virtual Courses available 
Spaces Book Now 
29 Jun 2021
StayAhead Virtual Courses available 
Spaces Book Now 
09 Aug 2021
StayAhead Virtual Courses available 
Spaces Book Now 
27 Sep 2021
StayAhead Virtual Courses available 
Spaces Book Now 
09 Nov 2021
StayAhead Virtual Courses available 
Spaces Book Now 
 

Live Virtual Classroom

 
Join live instructor-led classroom training from the comfort of your home or office.
All the convenience and benefits of the classroom experience without the hassle and costs of travel and accommodation.
 
 



Our Customers Include

 
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
missing image
 
 



Our Course Curriculum

 
 
 
 
Facebook LinkedIn Twitter Instagram E-Mail
 

Trademarks

StayAhead Training Limited are not affiliated to Red Hat Inc. in any way.  Red Hat, Red Hat Certified Engineer, RHCE, are registered trademarks and Red Hat Certified System Administrator and RHCSA are trademarks of Red Hat Inc.  No exams are included in the Red Hat Linux courses.

+44 (0)20 7600 6116
Enquiries@StayAhead.com
Copyright © 2021 StayAhead Training Ltd
Cookies   /   Privacy Policy