25,000+ Courses Nationwide
0345 4506120

Linux System Security

This highly practical instructor Linux System Security course is aimed at Linux System Administrators who wish to enhance their knowledge  of Linux security and increase the security of their Linux systems.

The course is designed to teach security related tasks that would be relevant for all Linux distributions. For the purpose of practical exercises, CentOS Linux  will be used.

Exercises and examples are used throughout the course to give practical hands-on experience with the techniques covered.

The delegate will gain an understanding of:

  • Linux security basics, precautions and common attack methods
  • Viewing and configuring the key Linux log files
  • Querying and configuring the Linux Audit Framework
  • Knowledge and execution of key SELinux commands
  • Modifying SELinux policy and policy modules
  • Configuring the Red Hat firewall
  • Securing Linux applications with certificates
  • Securing applications with TCP wrappers
  • Securing SSH
  • Installing and configuring a Host Intrusion Detection System
  • Detecting root kits, viruses and other malware
  • Identifying security updates and signing packages
  • Increasing system security with PAM
  • Installing and configuring a password cracking utility
  • Basic and advanced sudo configuration
  • Securing Linux logins
  • Enchancing filesystem security and encrypting files
  • Configuring enhanced permissions and Access Control Lists
  • Configuring an OpenVPN server and client

Who will the Course Benefit?

The Linux System Security course is aimed at Linux System Administrators who wish to expand their knowledge of the many Linux security features and  increase the security level of their Linux systems.

Select specific date to see price, venue and full details.

Learning Objectives

This course aims to provide the delegate with the knowledge to be able to query their Linux system for most security related events and harden many aspects of their  system. The course explains the; Linux logging and auditing framework, SELinux, the firewall, certificate authorities, network time, Secure Shell, Pluggable  Authentication Modules, host intrusion and detection, password cracking, the sudo command, encrypting files and OpenVPN.

Pre-Requisites

Requirements

Delegates attending this course should have experience of administering Linux in an Enterprise environment to the level covered in the  Linux System Administration (LPI & CompTIA) or  the Administering Red Hat Linux 7 - Part 1 course.

Pre-Requisite Courses

  • Linux System Administration (LPI & CompTIA)
  • Administering Red Hat Linux 7 - Part 1

Follow-On Courses

  • Linux Advanced System Administration (LPI)
  • Administering Red Hat Linux 7 - Part 2
Notes:
  • Course technical content is subject to change without notice.
  • Course content is structured as sessions, this does not strictly map to course timings. Concepts, content and practicals often span sessions.

Course Content

Day 1

Course Introduction

  • Administration and Course Materials
  • Course Structure and Agenda
  • Delegate and Trainer Introductions

Session 1: LINUX SECURITY OVERVIEW

  • Linux Native Security
  • Areas Of Security
  • Common Attack Methods
  • Basic Security Precautions
  • Standards and Compliance

Session 2: SHELL CONFIGURATION

  • Overview
  • Command Line History
  • Configuring History
  • Shell Options

Session 3: LOGGING WITHIN LINUX

  • Linux Log Files
  • The systemd Journal
  • Linux Audit Framework
  • Configuring Auditing

Session 4: SELinux

  • DAC vs MAC
  • The SELinux Policy
  • Viewing SELinux Decisions
  • SELinux Entities
  • SELinux Commands
  • SELinux Domains
  • Modifying The SELinux Policy

Day 2

Session 5: ADVANCED SELinux CONFIGURATION

  • SELinux Modules
  • Creating SELinux Modules

Session 6: THE RED HAT FIREWALL

  • Firewall Zones
  • Configuring the Firewall
  • Creating a Firewall Service
  • Configuring Firewall Zones
  • Installing and Configuring Fail2ban

Session 7: SECURING APPLICATIONS

  • Certificate Based Authentication
  • TCP Wrappers
  • Network Time
  • Authenticating chrony Clients

Session 8: SECURING SSH

  • Key Algorithms
  • SSH Agents
  • SSH Server Options
  • Certificate Based Authentication
  • SSH Tunneling

Day 3

Session 9: INTRUSION DETECTION AND PREVENTION

  • Detecting Intrusions With AIDE
  • Configuring AIDE Rules
  • Detecting and Removing Rootkits
  • Viruses
  • Installing and Configuring ClamAV

Session 10: SECURING PACKAGES

  • Red Hat Package Management
  • Package Management History
  • Rolling Back Packages
  • Creating and Signing an rpm Package
  • Installing a Signed rpm
  • Creating a Package Repository

Session 11: SECURITY VIA PLUGGABLE AUTHENTICATION MODULES

  • PAM File Format
  • The Main PAM Configuration File
  • Using PAM Allow/Deny a Service
  • Restricting SSH
  • Increasing Password Complexity
  • Delaying Failed Logins
  • Controlling Limits and Access

Session 12: CRACKING LINUX PASSWORDS

  • Types of Password Attacks
  • Verifying Password Strength
  • Installing And Configuring A Cracking Utility
  • Installing a Word List
  • Resetting A Lost root Password

Day 4

Session 13: SUDO AND RESTRICTING LOGINS

  • Restricting Linux Accounts
  • Automatic Logout
  • Sudo
  • Configuring sudo for Remote Systems
  • Advanced sudo Configuration
  • Extended File Attributes
  • Securing Linux History

Session 14: SECURING THE FILESYSTEM

  • Filesystem Security Considerations
  • Protecting The Boot Menu
  • Filesystem Options
  • Securely Erasing Data
  • vim Security Considerations
  • Access Control Lists
  • Enhanced Permissions
  • Filesystem Encryption

Session 15: VIRTUAL PRIVATE NETWORKS

  • Overview Virtual Private Networks
  • OpenVPN Installation and Configuration
  • Server and Client Configuration

Related Courses

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

We work with the best