ExitCertified Training Training with Java Solaris Red Hat IBM Symantec Siebel PeopleSoft Certified
 
Start Training Courses and Schedules Training Savings IT Certification Training Solutions
Training Search
Trust Your IT Training   |
Oracle University Awards ExitCertified Corporation with North American Partner of the Year.
Email Training Course

Enterprise Linux Security Administration  (GL550)

Format: Instructor-Led Classroom
Other Formats:
 

Start your journey to becoming a Network Security Guru.


 

This highly technical course focuses on properly securing machines running the Linux operating systems. A broad range of general security techniques such as packet filtering, password policies, and file integrity checking are covered. Advanced security technologies such as Kerberos and SELinux are taught. Special attention is given to securing commonly deployed network services. At the end of the course, students have an excellent understanding of the potential security vulnerabilities -- know how to audit existing machines, and how to securely deploy new network services.

 
This Course is taught by Certified Instructors   Flex Training Savings

 
Linux Training and Certification FAQ  
 
What Linux distributions does this course relate to?
ExitCertified's Guru Lab courses use the Red Hat Linux (RHEL5) distribution, but can also be delivered in other Linux distributions such as SUSE Linux. Contact one of our Education consultants to request a specific Linux distribution.
 
What Linux Certifications does this course qualify for?
Employers are increasingly requiring tangible proof of skill sets. ExitCertified's Guru Labs Linux courses support several leading, industry-standard, Linux certifications:
 
Red Hat Linux Certification Program
  Search for qualifying Red Hat Certified Technician (RHCT) and Red Hat Certified Engineer (RHCE) courses. MORE »
Linux Professional Institute (LPI) Certification Program
  Search for courses qualifying for LPI's industry standard certifications. MORE »
Novell Linux Certification Program
  Novell offers industry-leading certifications and tests that are globally recognized. MORE »
 
Why ExitCertified for your Linux Training?
ExitCertified has partnered with Guru Labs to offer the best in Linux training. With this de facto standard in Linux training across different distributions, students are exposed to core Linux concepts with extensive hands-on labs and instructors who "really really know their stuff".

We always hear from our students how refreshing it is to learn from ExitCertified's highly-qualified Linux instructors, with an in-depth and dynamic hands-on format. Learn from the experts.
 
Linux Training | Linux Certification FAQs  
Redhat Linux Certification Program
Linux Professional Institute LPI Certification Program
Novell Certification Program :: Certified Linux Professional
 
 


 

Skills Gained
  At the end of the course students have an excellent understanding of potential security vulnerabilities, know how to audit existing machines, and how to securely deploy new network services.

Prerequisites
  This class covers advanced security topics and is intended for experienced systems administrators. Individuals planning to take this class should have strong Linux system administration experience. Students should be comfortable with concepts and tasks such as editing text files in Unix and starting and stopping services/daemons. A good grasp of networking concepts will be helpful. Candidates should have current Linux or UNIX systems administration experience equivalent to the GL120 "Linux Fundamentals", GL250 "Enterprise Linux Systems Administration", and GL275 "Enterprise Linux Network Services".

Distributions
  This course is currently supported on the latest releases of Red Hat Enterprise Linux, Fedora Linux, SUSE Linux Enterprise Server, or OpenSUSE.
 
Enroll For This Class
Enroll For This Class
Linux Guru Labs Training Class This course is taught by Certified Linux :: Guru Labs instructors.

There is a difference. Learn More
Training Class Enrollment Ask A Question About This Training
Code: GL550
Format: Instructor-Led Classroom
Length: 5 days
Certified By: Linux :: Guru Labs
Tuition (USD): $2,395 / $2,036 GSA GOV.
Browse Similar Training Classes
Related training classes
Sort Schedule By: 
No Course Dates There are currently no scheduled dates for this course. If you are interested in this course, request a course date with the links below. We can also contact you when the course is scheduled in your area.
   
Request course date Request Course On-Site
 

Enterprise Linux Security Administration  (GL550) Content Details
 
 
Security Concepts
  • Basic Security Principles
  • Linux Default Install
  • Installer Firewall Options
  • Post-Install Firewall
  • Minimization - Discovery
  • Service Discovery
  • Hardening
  • Security Concepts
  • - Lab Tasks:
  • Removing Packages Using RPM
  • Firewall Configuration
  • Process Discovery
  • Operation of the setuid() and capset() System Calls
  • Operation of the chroot() System Call
Scanning, Probing, and Mapping Vulnerabilities
  • The Security Environment
  • Stealth Reconnaissance
  • The WHOIS database
  • Interrogating DNS
  • Discovering Available Hosts and Applications
  • Reconnaissance with SNMP
  • Discovery of RPC Services
  • Enumerating NFS Shares
  • Nessus Insecurity Scanner
  • Configuring OpenVAS
  • -Lab Tasks:
  • NMAP
  • OpenVAS
  • Advanced nmap Options
Password Security and Pam
  • Unix Passwords
  • Password Aging
  • Auditing Passwords
  • PAM Implementation, Management, and
  • Control Statements
  • PAM Modules
  • pam _ unix.so; pam _ cracklib.so; pam _
  • pwcheck.so; pam _ env.so; pam _ xauth.
  • so; pam _ tally.so; pam _ wheel.so; pam _
  • limits.so; pam _ nologin.so; pam _ deny.
  • so; pam _ securetty.so; pam _ time.so;
  • pam _ access.so; pam _ listfile.so; pam _
  • lastlog.so; pam _ warn.so; pam _ console.
  • so; pam _ resmgr.so; pam _ devperm.so
  • - Lab Tasks:
  • John the Ripper
  • Cracklib
  • Using pam _ listfile to Implement Arbitrary
  • ACLs
  • Using pam _ limits to Restrict Simultaneous Logins
  • Using pam _ nologin to Restrict Logins
  • Using pam _ access to Restrict Logins
  • su & pam
Secure network time protocol (NTP)
  • The Importance of Time
  • Time Measurements
  • Terms and Definitions
  • Synchronization Methods
  • NTP Evolution
  • Time Server Hierarchy
  • Operational Modes
  • NTP Clients
  • Configuring NTP Clients and Servers
  • Securing NTP
  • NTP Packet Integrity
  • Useful NTP Commands
  • - Lab Tasks:
  • Configuring and Securing NTP
  • Peering NTP With Multiple Systems server
Kerberos Concepts
  • Common Security Problems
  • Account Proliferation
  • The Kerberos Solution
  • Kerberos History, Implementations, and
  • Concepts
  • Kerberos Principals, Safeguards, and Components
  • Authentication Process
  • Identification Types
  • Logging In
  • Gaining and Using Privileges
Kerberos Components
  • Kerberos Components
  • KDC
  • Kerberos Principal Review
  • Kerberized Services Review
  • Kerberized Clients
  • KDC Server Daemons
  • Configuration Files
  • Utilities Overview
  • Kerberos SysV Init Scripts
Implementing Kerberos
  • Plan Topology
  • Plan Implementation
  • Kerberos 5 Client Software
  • Kerberos 5 Server Software
  • Synchronize Clocks
  • Creating and Configuring the Master KDC
  • KDC Logging
  • Specifying [realms] Specifying [domain _ realm]
  • Allow Administrative Access
  • Create KDC Databases and Administrators
  • Install Keys for Services
  • Start Services
  • Add Host Principals
  • Add Common Service Principals
  • Configure Slave KDCs
  • Create Principals for Slaves
  • Define Slaves as KDCs
  • Copy Configuration to Slaves
  • Install Principals on Slaves
  • Synchronization of Database
  • Propagate Data to Slaves
  • Create Stash on Slaves
  • Start Slave Daemons
  • Client Configuration
  • Install krb5.conf on Clients
  • Client PAM Configuration
  • Install Client Host Keys
  • - Lab Tasks:
  • Implementing Kerberos
Administrating and Using Kerberos
  • Administrative Tasks
  • Key Tables
  • Managing Keytabs
  • Principals
  • Managing Principals
  • Principal Policy
  • Viewing Principals
  • Managing Policies
  • Overall Goals for Users
  • Signing Into Kerberos
  • Ticket types
  • Viewing Tickets
  • Removing Tickets
  • Passwords
  • Changing Passwords
  • Giving Others Access
  • Using Kerberized Services
  • Kerberized FTP
  • Enabling Kerberized Services
  • OpenSSH and Kerberos
 
Securing the Filesystem
  • Filesystem Mount Options
  • NFS Properties
  • NFS Export Option
  • NFSv4 and GSSAPI Auth
  • Implementing NFSv4
  • File Encryption with GPG and OpenSSL
  • Linux Unified Key Setup (LUKS)
  • - Lab Tasks:
  • Securing Filesystems
  • Securing NFS
  • File Encryption With GPG
  • File Encryption With OpenSSL
  • LUKS-on-disk format Encrypted Filesystem
AIDE
  • Host Intrusion Detection
  • Using RPM as an HIDS
  • Introduction to AIDE
  • AIDE Installation
  • AIDE Policies
  • AIDE Usage
  • Lab Tasks:
  • File Integrity Checking with RPM
  • File Integrity Checking with AIDE
Securing Apache
  • Apache Overview
  • Default Configuration
  • Configuring CGI
  • Turning Off Unneeded modules
  • Configuration Delegation and Scope
  • ACL by IP Address
  • HTTP User Authentication
  • Standard Auth Modules
  • HTTP Digest Authentication
  • Authentication via SQL, LDAP, and Kerberos
  • Scrubbing HTTP Headers
  • Metering HTTP Bandwidth
  • - Lab Tasks:
  • Hardening Apache by Minimizing Loaded Modules
  • Scrubbing Apache & PHP version headers
  • Protecting Web Content
  • Using the suexec mechanism
  • Enabling SSO in Apache with mod _ auth _kerb
Securing Postgresql
  • PostgreSQL Overview and Default Configuration
  • Configuring SSL
  • Client Authentication Basics
  • Authentication Methods
  • Advanced Authentication
  • Ident-based Authentication
  • - Lab Tasks
  • Configure PostgreSQL
  • PostgreSQL with SSL
  • PostgreSQL with Kerberos Authentication
  • Securing PostgreSQL with Web Based Applications
Securing EMail Systems
  • SMTP Overview
  • SMTP Implementations
  • Selecting an MTA
  • Security Considerations
  • Postfix Overview
  • Chrooting Postfix
  • Connections and Relays
  • SMTP AUTH & StartTLS/SSL
  • Secure Cyrus IMAP Config
  • Using GSSAPI/Kerberos Auth
  • - Lab Tasks:
  • Configuring Postfix
  • Postfix Network Configuration
  • Postfix In a Chroot’ed Environment
  • Postfix SMTP AUTH Configuration
  • Postfix STARTTLS Configuration
  • Configuring Cyrus IMAP
  • Kerberos with Postfix and Cyrus
SELinux Concepts
  • DAC vs. MAC
  • Shortcomings of Traditional UNIX Security
  • SELinux Goals, Evolution, and Modes
  • Gathering Information
  • SELinux Virtual Filesystem
  • SELinux Contexts
  • Managing Contexts
  • SELinux Troubleshooting
  • - Lab Tasks:
  • Exploring SELinux Modes
  • SELinux Contexts in Action
SELinux Policy
  • The SELinux
  • Choosing a Policy
  • Policy Layout
  • Tuning and Adapting Policy
  • Booleans
  • Managing Booleans
  • Managing File Contexts
  • Managing Port Contexts
  • Managing SELinux graphically
  • Examining Policy
  • - Lab Tasks:
  • Managing SELinux Booleans [RHEL]
  • Creating Policy with Audit2allow [RHEL]
  • Creating & Compiling Policy from Source [RHEL]
Accountability with Kernel Auditd
  • Accountability and Auditing
  • Simple Audit Tools
  • Kernel-Level Auditing
  • Configuring the Audit Daemon
  • Controlling Kernel Audit System
  • Creating Audit Rules
  • Searching Audit Logs
  • Generating Audit Log Reports
  • Audit Log Analysis
  • - Lab Tasks:
  • Auditing Login/Logout
  • Auditing File Access
  • Auditing Command Execution


  ExitCertified Training with Java Solaris Red Hat IBM Symantec Apple MySQL Siebel PeopleSoft  
  When you take a certified course with ExitCertified, you are learning from the creators of the products you use. Our commitment to your IT community, along with our authorization to deliver certified courses, ensures you receive a premium training experience.

There is a difference. Learn from the source.		  
     
Training Contacts    
     
Spotlight Centers All United States Training Centers
Sacramento Training :: 916.669.3970
San Francisco Training :: 415.975.3948
San Jose Training :: 408.288.3948
Las Vegas Training :: 1.800.803.3948
Phoenix Training :: 602.889.9350 		New York Training
Chicago Training
Los Angeles Training
Atlanta Training
Washington Training

 Denver Training
Boston Training
Dallas Training
Houston Training
Philadelphia Training
View All US Training Centers
     
Worldwide and All US Cities:
408.288.3948		 Got Questions?
We are happy to help. Just email us with this form and we'll get back to you shortly.
   



(c) 2009 ExitCertified Corp. All rights reserved.


ExitCertified is a global provider of authorized technology training. Some of our popular course topic include:
 
Sun Microsystems Training Oracle Training Symantec Training IBM Training Red Hat - Linux Training
Java Training, J2EE Training, JSP Training, Java Courses, Servlets Training, EJB Training, Struts Training, Networking Courses, Solaris Training, Java Composite Application Platform (JCAPS) Training, Java Certification, SeeBeyond Training, XML Training, Solaris Certification, Corporate Training PeopleSoft Training, 11g Training, 11g Certification, Oracle SQL, Oracle PL/SQL, DBA Training, Oracle Certification, Hyperion Training, Fusion Middleware Training, 10g Training, Siebel Training, JD Edwards Training, Stellent Class, BEA Courses, e-Business Suite NetBackup Training, Veritas Training, Symantec Certification, Virus Protection Courses, IT Security Training DB2 Training, Cognos Classes, WebSphere Training, CICS Training, Informix, Rational Training, Lotus, Notes and Domino Training, Tivoli Courses, AIX Class, CISCO Training, VMWare Training SUSE Training, RedHat Course , JBoss Class
         
MySQL Training Apple Training Hitachi - HDS Training Project Management PMI Training  
  Apple Course, Leopard Training, Xsan Training