- RHCA - Red Hat® Certified Architect
- RHCSS - Red Hat® Certified Security Specialist
Course Outline
1. Tracking Security Updates
· Gain a deeper understanding of how Red Hat maintains and publishes updates and security advisories.
· Understand Red Hat Security Response and Red Hat severity scoring.
· Get deeper understanding of Common Vulnerabilities and Exposures (CVEs) and Errata
· Red Hat Security Advisory, Bug Fix Advisory, Enhancement Advisory
· Discuss package maintenance through backporting.
· Working and engaging with the Red Hat Security Response team
2. Manage software updates
· Develop a process for applying updates to systems including verifying properties of the update.
· Learn how to apply Security updates
· How to perform GPG package signature verification
· Understand package triggers and scripts and learn how to validate them
3. Secure File Systems
· Use separate block devices to prevent critical file systems from overfilling
· Work with Linux Unified Key Setup (LUKS) to create an encrypted file system
· Allocating file systems for secure containment
· Allocate an advanced file system layout and use file system encryption.
4. Manage File Systems
· Secure file systems using security-related mount options (nodev, noexec, nosuid, user_xattr, acl)
· Secure individual files with file attributes (a-append, d-dump, i-immutable, S-synchronous updates, j-data journaling)
· Understand the implications of setting Extended File Attributes
5. Security Threats From Special Permissions
· Understand security impact of setting special permissions on files and directories
· Learn how to audit files and directories with special permissions
· Understand the risks of SetUID programs and build a UNIX shell script to monitor such risks
6. Secure Server with Additional File Access Controls
· Reduce unwanted security risks by setting default file permissions
· Proper use of Access Control Lists for securing your system from uninvited access to data
7. Monitoring System with Intrusion Detection Software
· Use AIDE to create a file system metadata database to help perform file system auditing
· Learn how to install AIDE
· Hands-on practical on AIDE configuration
8. Protecting User Accounts from vulnerabilities
· How to secure system using appropriate password-aging policies
· Learn how to audit user accounts on your system
· Identify security threats by detecting duplicate system users.
9. Manage pluggable authentication modules (PAMs)
· Understand PAM syntax and configuration file in detail (/etc/pam.d)
· Learn PAM Rule Types (auth, account, password, session)
· Get deeper understanding of PAM controls.
· Configure Password complexity policy through PAM
· Apply limits to users to tighten server security
· Lock accounts with multiple failed logins
10. Securing Server Console Access
· Apply local console setting changes to comply with security policy requirements
· Learn how to secure GRUB boot loader
· Modify text console settings, including displaying an acceptable user notification
· Secure graphical console settings
· Implications of disabling Control-Alt-Delete
· How to disable poweroff and reboot on the login window.
11. Installing Central Authentication
· Deploy both client and server centralized authentication using Red Hat Enterprise Linux Identity Management (IdM)
· Installing an Identity Management Server (IdM)
· User Administration - Adding users and group entries to Identity Management Server
· Registering a client System with Identity Management Server
12. Manage Central Authentication
· Learn how to control IdM user access
· Define password expiration policy for IdM
· Control access to both machines and services running on these machines by defining rules.
· Granting and implementing sudo access through Identity Management Server
13. Configure System Logging
· Configure a centralized remote logging server and configure clients to send messages to it.
· Use filter conditions to divide local and remote logs.
· Learn how to encrypt logs sent over the network to the central logging server.
· Understand, configure and implement log file rotation policies through logrotate.conf
14. Configure system auditing
· Understand more about the Linux auditing subsystem, auditd, which is used to capture kernel messages.
· Learn how to configure auditd and how to perform remote logging with auditd.
· Decipher contents of the audit.log file to identify security events and report on auditing messages.
· Learn how to investigate system calls performed by a process by tracing a program using autrace.
· Writing, removing and inspecting custom audit rules using auditctl.
· How to use predefined audit sets for auditing compliance.
15. Controlling Access to Network Services
· Configure IPv4 and IPv6 kernel-level firewall rules.
· After understanding iptables basics, learn best practices for rule management.
· Build a shell script that establishes the current firewall rules so that they are easier to edit and modify.
· Manage firewall rules to limit connectivity to network services.