Training Course Outline
IT Vendor Courses Unix Solaris Training Courses
Personalising Security on the Solaris Operating System
View course dates
Course Duration: 5 days
Course Code: SC-301-S10
Course Description:
The Personalizing Security on the Solaris 10 Operating System course provides students with the knowledge and skills to customize security on Solaris 10 operating systems.
Course Objectives
Upon completion of this course, students should be able to install, configure, and adminster systems installed with the Solaris 10 Operating System (OS) and understand the following Solaris 10 OS security concepts:
- Principles and features
- Installing systems securely
- Principle of Least Privilege
- File integrity and privacy
- Application and network security
- Auditing and zone security
Who Should Attend
Students who can benefit from this course are security, system, and network administrators who are responsible for customizing security on Solaris 10 systems.
This course includes the following modules:
Describing Basic Security Principles
- Describe the need for a security policy
- Describe the need to securely configure systems
- Describe hardening systems
- Describe minimized systems
- Describe appropriate system configuration
- Describe the need for auditing
- Describe logging to meet legislative compliance
Listing Applicable Solaris 10 Security Features
- Describe these new features included in the Solaris 10 Operating System (OS):
- The device policy
- Kerberos-enabled applications, Lightweight Directory Access Protocol (LDAP), and interoperability enhancements
- Process rights management
- Solaris Containers
- User rights management (Role Based Access Control)
- Password strength, syntax checking, history, and aging improvements
- Basic Audit and Report Tool (BART) for file integrity
- IPfilter stateful packet filtering firewall
- Solaris Secure Shell
- IPsec/Internet Key Exchange (IKE) performance enhancements
- Solaris auditing
- Trusted Extensions
- SSL encryption with PKCS#11 interface and OpenSSL
- PAM improvements
- MD5 hash functions built into the Solaris OS
Describing Minimization
- Describe a minimal installation
- Describe software installation clusters (metaclusters)
- Examine loose compared to strict minimization
- Provide consistent, known configuration for installations
Managing Patches
- Describe the Solaris 10 Update Manager
- Describe signed patches
- Understand how to verify signatures for a signed patches
- Specify a web proxy when installing a signed patch
Performing Hardening
- Understand what is involved when performing system hardening
- Use the Solaris Security Toolkit (SST)
- Understand the software component of SST
- Use SST for system hardening
- Use SST for system security audits
Implementing Process Rights Management
- Describe process rights management
- Describe process privileges
- Understand how to determine rights required by processes
- Understand how to debug privileges
- Assign minimum rights to a process
Implementing User Rights Management
- Describe access controls
- Understand and use Role Based Access Control
- Explain what is meant by a rights profile
- Understand and use a role
- Explain authorizations and privileges in RBAC
- Configure and use password history
- Configure password selection constraints
- Understand how to use strong cryptographic algorithms for passwords
Utilizing the Solaris Cryptographic Framework
- Describe the role of the Solaris Cryptographic Framework
- Administer and maintain the Solaris Cryptographic Framework
- Explain and use the digest(1), mac(1), encrypt(1), and decrypt(1) commands
- Manage the Solaris Cryptographic Framework environment
- Describe how the Solaris Cryptographic Framework can be used with Java applications, web servers, and the Sun Crypto accelerator cards
Managing File system Security
- Use the elfsign(1) command to verify Solaris 10 OS Executable and Linkable Format (ELF) objects
- Describe and use the Basic Audit and Report Tool
- Describe secure execution
Using the Service Management Facility
- Describe the Service Management Facility
- Describe the concept of least privilege
- Describe authorization
- Limit a service's privileges
- Examine a service's current privileges
Securing Networks
- Describe network access controls
- Describe TCP Wrappers in the Solaris 10 OS
- Implement the Solaris IP Filter Stateful Packet Filtering Firewall
- Describe Kerberos security
- Understand and use Solaris Secure Shell
- Describe the security features of NFSv4
Implementing IPsec
- Describe IP Security (IPsec) and the Internet Key Exchange (IKE) protocols
- Describe the various ways IPsec can be configured
- Describe two ways to configure IKE
- Describe methods used for troubleshooting IPsec and IKE configurations
Performing Auditing and Logging
- Describe Solaris auditing
- Configure an audit policy
- Implement Solaris auditing
- Configure auditing on a system implementing Solaris zones
- Access the audit data from the audit trail
- Describe how the audit records can be used
- Protect audit information on a system or in the enterprise
Implementing Security in Solaris Zones
- Describe security characteristics of a Solaris system with zones installed
- Understand the differences between the subjects already covered and how they apply to the Solaris operating system with zones installed
- Describe the global zone
- Explain when and how to use zones
- Describe resource management in a zone
- Address zones and network security
- Understand patching zones
How Security Components Work Together
- Describe how security components work together
- Describe how technologies interact
- Describe infrastructure requirements
|
Click on course date to make a booking, check availability, or find out about available discounts.
|
Sun Guillemont Park |
5 days |
£1850 |
19 - 23 |
|
|
20 - 24 |
|
|
Save as PDF
Print this course
Enquiry And Feedback Form