Course Details |
|
Red Hat Enterprise SELinux Policy Administration (RHS429)
|
|
Overview:
- Red Hat Certified
SELinux Policy Administration (RHS429): Security has been an
important part of networking, SELinux was created to help with increasing demand
for a more secure operating system. This course has been designed to
explain new SELinux works. It tounches topics like the history of SELinux,
architecutre, security policies, context and how the targated policy works.
It helps us to understand the fundamental changes in the OS How to modify it to
get around problems that may arise as a result of the use of SELinux.
|
Audience::
- System
Administrators, conultants and other IT professionals.
|
Prerequisites:
- RHCE
certification or equivalent experience.
|
Course Content:
|
|
Unit 1: Introduction to SELinux
- Selinux history and architecture overview
- Elements of the SELinux security model: user identity and
role, domain type, sensitivity and categories security context
- SELinux policy and Red Hat's targeted policy
- Configuring policy with booleans
- Archiving
- Setting and displaying extended attributes
Unit 2: Using SELinux
- Controling SELinux
- File contexts
- Relabeling files and file systems
- Mount options
Unit 3:
The Red Hat targeted policy
- Identifying and toggling protected services
- Apache security contexts and configuration booleans
- Name service contexts and configurations booleans
- NIS client contexts
- Other services
- File context for special directory trees
- Troubleshooting and avc denial messages
- SE troubleshooting and logging
Unit 4: Introduction to
policies
- Policy overview and organization
- Compiling and loading the monolithic policy and policy modules
- Policy type enforcement module syntax
- Object classes
- Domain transition
Unit 5: Policy utilities
- Tools available for manipulating and analyzing policies: apol,
seaudit and seaudit_report, checkpolicy, sepcut, sesearch, sestatus, audit2allow
and audit2why, sealert, avcstat, seinfor, semanage and semodule, Man pages
Unit 6:
User and role security
- Role-based access control
- Multicategory security
- Defining a security administratior
- Multlevel security
- The strict policy
- User identification and declaration
- Role identification and declaration
- Roles in use in transitions
- Role dominance
Unit 7: Anatomy of a
policy
- Policy macros
- Type attributes and aliases
- Type transitions
- When and how files get labeled
- Restorecond
- Customizable types
Unit 8: Manipulating
policies
- Installing and compiling policies
- The policy language
- Access vector
- SELinux logs
- Security identifiers - SIDs
- File system labeling behavior
- context on netword objects
- Creating and using new booleans
- Manipulating policy by example
- Macros
- Enableaudit
Unit 9: Project
- Best practices
- Create file contexts, types, and typealiases
- Edit and create network contexts
- Edit and create domains
|
|
|
Certification Exam:
- This is exam is
performance-based, meaning that candidates must perform tasks on a live system,
rather than answering questions about how one might perform those tasks.
- 11 Training
units will be provided.
- Official course Material will be required to appear this exam.
- Exam Duration – 3hrs.
- Exam Fees – Rs. 10,000/-
per candidate. Fees should be paid by DD drown in favor of “Red Hat India Pvt. Ltd.”
Payable at Mumbai.
- Exam results are
emailed within 5 business days following the exam
|
|
|
Sample Certificate:
|
|
|
|
|
|
|
|