0345 4506120

Security for Red Hat Linux

This highly practical instructor led Security for Red Hat Linux course is aimed at Linux System Administrators who wish to enhance their knowledge of  Red Hat Linux security and increase the security of their Red Hat Linux systems.

The course covers security related tasks for Red Hat Enterprise Linux (RHEL) and CentOS Linux systems. The topics taught would also be relevant for all Linux  distributions.

Exercises and examples are used throughout the course to give practical hands-on experience with the techniques covered.

The delegate will gain an understanding of:

  • Linux security basics, precautions and common attack methods
  • Viewing and configuring the key Linux log files
  • Querying and configuring the Linux Audit Framework
  • Knowledge and execution of key SELinux commands
  • Modifying SELinux policy and policy modules
  • Configuring the Red Hat firewall
  • Securing Linux applications with certificates
  • Securing applications with TCP wrappers
  • Securing SSH
  • Installing and configuring a Host Intrusion Detection System
  • Detecting root kits, viruses and other malware
  • Identifying security updates and signing packages
  • Increasing system security with PAM
  • Installing and configuring a password cracking utility
  • Basic and advanced sudo configuration
  • Securing Linux logins
  • Enchancing filesystem security and encrypting files
  • Configuring enhanced permissions and Access Control Lists
  • Configuring an OpenVPN server and client

Who will the Course Benefit?

The Security for Red Hat Linux course is aimed at System Administrators who wish to expand their knowledge of the many Red Hat Linux security features and  increase the security level of their Red Hat Linux systems.

  Reset

Learning Objectives

This course aims to provide the delegate with the knowledge to be able to query their Red Hat Linux system for most security related events and harden many  aspects of their system. The course explains the; Linux logging and auditing framework, SELinux, the firewall, certificate authorities, network time, Secure Shell,  Pluggable Authentication Modules, host intrusion and detection, password cracking, the sudo command, encrypting files and OpenVPN.

Pre-Requisites

Requirements

Delegates attending this course should have experience of administering Linux in an Enterprise environment to the level covered in the  Administering Red Hat Linux 7 - Part 1 or  the Linux System Administration (LPI & CompTIA) course.

Pre-Requisite Courses

  • Administering Red Hat Linux 7 - Part 1
  • Linux System Administration (LPI & CompTIA)

Follow-On Courses

  • Administering Red Hat Linux 7 - Part 2
  • Linux Advanced System Administration (LPI)
Notes:
  • Course technical content is subject to change without notice.
  • Course content is structured as sessions, this does not strictly map to course timings. Concepts, content and practicals often span sessions.

Course Content

Day 1

Course Introduction

  • Administration and Course Materials
  • Course Structure and Agenda
  • Delegate and Trainer Introductions

Session 1: LINUX SECURITY OVERVIEW

  • Linux Native Security
  • Areas Of Security
  • Common Attack Methods
  • Basic Security Precautions
  • Standards and Compliance

Session 2: SHELL CONFIGURATION

  • Overview
  • Command Line History
  • Configuring History
  • Shell Options

Session 3: LOGGING WITHIN LINUX

  • Linux Log Files
  • The systemd Journal
  • Linux Audit Framework
  • Configuring Auditing

Session 4: SELinux

  • DAC vs MAC
  • The SELinux Policy
  • Viewing SELinux Decisions
  • SELinux Entities
  • SELinux Commands
  • SELinux Domains
  • Modifying The SELinux Policy

Day 2

Session 5: ADVANCED SELinux CONFIGURATION

  • SELinux Modules
  • Creating SELinux Modules

Session 6: THE RED HAT FIREWALL

  • Firewall Zones
  • Configuring the Firewall
  • Creating a Firewall Service
  • Configuring Firewall Zones
  • Installing and Configuring Fail2ban

Session 7: SECURING APPLICATIONS

  • Certificate Based Authentication
  • TCP Wrappers
  • Network Time
  • Authenticating chrony Clients

Session 8: SECURING SSH

  • Key Algorithms
  • SSH Agents
  • SSH Server Options
  • Certificate Based Authentication
  • SSH Tunneling

Day 3

Session 9: INTRUSION DETECTION AND PREVENTION

  • Detecting Intrusions With AIDE
  • Configuring AIDE Rules
  • Detecting and Removing Rootkits
  • Viruses
  • Installing and Configuring ClamAV

Session 10: SECURING PACKAGES

  • Red Hat Package Management
  • Package Management History
  • Rolling Back Packages
  • Creating and Signing an rpm Package
  • Installing a Signed rpm
  • Creating a Package Repository

Session 11: SECURITY VIA PLUGGABLE AUTHENTICATION MODULES

  • PAM File Format
  • The Main PAM Configuration File
  • Using PAM Allow/Deny a Service
  • Restricting SSH
  • Increasing Password Complexity
  • Delaying Failed Logins
  • Controlling Limits and Access

Session 12: CRACKING LINUX PASSWORDS

  • Types of Password Attacks
  • Verifying Password Strength
  • Installing And Configuring A Cracking Utility
  • Installing a Word List
  • Resetting A Lost root Password

Day 4

Session 13: SUDO AND RESTRICTING LOGINS

  • Restricting Linux Accounts
  • Automatic Logout
  • Sudo
  • Configuring sudo for Remote Systems
  • Advanced sudo Configuration
  • Extended File Attributes
  • Securing Linux History

Session 14: SECURING THE FILESYSTEM

  • Filesystem Security Considerations
  • Protecting The Boot Menu
  • Filesystem Options
  • Securely Erasing Data
  • vim Security Considerations
  • Access Control Lists
  • Enhanced Permissions
  • Filesystem Encryption

Session 15: VIRTUAL PRIVATE NETWORKS

  • Overview Virtual Private Networks
  • OpenVPN Installation and Configuration
  • Server and Client Configuration

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accomodation. Please note that virtual courses are attended in real-time, commencing on a specified date.

Virtual Course Dates

Our Customers Include