Personalising Security on the Solaris Operating System

5 Day Course
Hands On
Official Unix Curriculum
Code SC-301-S10

Book Now - 1 Delivery Method Available:

Classroom Virtual Classroom Private Group - Virtual Self-Paced Online

Overview

The Personalizing Security on the Solaris 10 Operating System course provides students with the knowledge and skills to customize security on Solaris 10 operating systems.

Course Objectives

Upon completion of this course, students should be able to install, configure, and adminster systems installed with the Solaris 10 Operating System (OS) and understand the following Solaris 10 OS security concepts:

- Principles and features
- Installing systems securely
- Principle of Least Privilege
- File integrity and privacy
- Application and network security
- Auditing and zone security

Who Should Attend

Students who can benefit from this course are security, system, and network administrators who are responsible for customizing security on Solaris 10 systems.

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.

Modules

Hide all

Describing Basic Security Principles (7 topics)

  • Describe the need for a security policy
  • Describe the need to securely configure systems
  • Describe hardening systems
  • Describe minimized systems
  • Describe appropriate system configuration
  • Describe the need for auditing
  • Describe logging to meet legislative compliance

Listing Applicable Solaris 10 Security Features (16 topics)

  • Describe these new features included in the Solaris 10 Operating System (OS):
  • The device policy
  • Kerberos-enabled applications, Lightweight Directory Access Protocol (LDAP), and interoperability enhancements
  • Process rights management
  • Solaris Containers
  • User rights management (Role Based Access Control)
  • Password strength, syntax checking, history, and aging improvements
  • Basic Audit and Report Tool (BART) for file integrity
  • IPfilter stateful packet filtering firewall
  • Solaris Secure Shell
  • IPsec/Internet Key Exchange (IKE) performance enhancements
  • Solaris auditing
  • Trusted Extensions
  • SSL encryption with PKCS#11 interface and OpenSSL
  • PAM improvements
  • MD5 hash functions built into the Solaris OS

Describing Minimization (4 topics)

  • Describe a minimal installation
  • Describe software installation clusters (metaclusters)
  • Examine loose compared to strict minimization
  • Provide consistent, known configuration for installations

Managing Patches (4 topics)

  • Describe the Solaris 10 Update Manager
  • Describe signed patches
  • Understand how to verify signatures for a signed patches
  • Specify a web proxy when installing a signed patch

Performing Hardening (5 topics)

  • Understand what is involved when performing system hardening
  • Use the Solaris Security Toolkit (SST)
  • Understand the software component of SST
  • Use SST for system hardening
  • Use SST for system security audits

Implementing Process Rights Management (5 topics)

  • Describe process rights management
  • Describe process privileges
  • Understand how to determine rights required by processes
  • Understand how to debug privileges
  • Assign minimum rights to a process

Implementing User Rights Management (8 topics)

  • Describe access controls
  • Understand and use Role Based Access Control
  • Explain what is meant by a rights profile
  • Understand and use a role
  • Explain authorizations and privileges in RBAC
  • Configure and use password history
  • Configure password selection constraints
  • Understand how to use strong cryptographic algorithms for passwords

Utilizing the Solaris Cryptographic Framework (5 topics)

  • Describe the role of the Solaris Cryptographic Framework
  • Administer and maintain the Solaris Cryptographic Framework
  • Explain and use the digest(1), mac(1), encrypt(1), and decrypt(1) commands
  • Manage the Solaris Cryptographic Framework environment
  • Describe how the Solaris Cryptographic Framework can be used with Java applications, web servers, and the Sun Crypto accelerator cards

Managing File system Security (3 topics)

  • Use the elfsign(1) command to verify Solaris 10 OS Executable and Linkable Format (ELF) objects
  • Describe and use the Basic Audit and Report Tool
  • Describe secure execution

Using the Service Management Facility (5 topics)

  • Describe the Service Management Facility
  • Describe the concept of least privilege
  • Describe authorization
  • Limit a service's privileges
  • Examine a service's current privileges

Securing Networks (6 topics)

  • Describe network access controls
  • Describe TCP Wrappers in the Solaris 10 OS
  • Implement the Solaris IP Filter Stateful Packet Filtering Firewall
  • Describe Kerberos security
  • Understand and use Solaris Secure Shell
  • Describe the security features of NFSv4

Implementing IPsec (4 topics)

  • Describe IP Security (IPsec) and the Internet Key Exchange (IKE) protocols
  • Describe the various ways IPsec can be configured
  • Describe two ways to configure IKE
  • Describe methods used for troubleshooting IPsec and IKE configurations

Performing Auditing and Logging (7 topics)

  • Describe Solaris auditing
  • Configure an audit policy
  • Implement Solaris auditing
  • Configure auditing on a system implementing Solaris zones
  • Access the audit data from the audit trail
  • Describe how the audit records can be used
  • Protect audit information on a system or in the enterprise

Implementing Security in Solaris Zones (7 topics)

  • Describe security characteristics of a Solaris system with zones installed
  • Understand the differences between the subjects already covered and how they apply to the Solaris operating system with zones installed
  • Describe the global zone
  • Explain when and how to use zones
  • Describe resource management in a zone
  • Address zones and network security
  • Understand patching zones

How Security Components Work Together (3 topics)

  • Describe how security components work together
  • Describe how technologies interact
  • Describe infrastructure requirements

Course PDF

Print

Share this Course

+1
Share

Recommend this Course

Sections