Linux System Security

4 Day Course
Hands On
Code LSS

Overview

This is a highly practical, instructor-led Linux System Security course.

The course details detecting and restricting users and applications for Linux and Red Hat based Linux systems. Security compliance, logging and auditing are included along with hardening related tasks. The topics taught are applicable for all Linux distributions. The command line is demonstrated and used extensively throughout the training.

This course is based on the Red Hat/CentOS Linux distribution. Delegates will be able to apply the concepts covered in this class to other Linux-based distributions.

Exercises and examples are used throughout the course to give practical hands-on experience with the techniques covered.

Objectives

This course provides delegates with the skills to query Linux systems for most security related events and harden many aspects of their systems.

It explains and demonstrates subjects such as the Linux logging and auditing framework, SELinux, the firewall, certificate authorities, network time, Secure Shell, Pluggable Authentication Modules, Host Intrusion and Detection Systems (HIDS), detecting and removing malware, password cracking, administering Sudo and encrypting files.

The delegate will gain an understanding of:

  • Linux security basics, precautions and common attack methods
  • Viewing and configuring the key Linux log files
  • Querying and configuring the Linux Audit Framework
  • Knowledge and execution of key SELinux commands
  • Modifying SELinux policy and policy modules
  • Configuring the Red Hat firewall
  • Securing Linux applications and remote logging
  • Securing SSH
  • Installing & configuring a Host Intrusion Detection System
  • Detecting rootkits
  • Improving system security with PAM
  • Basic and advanced sudo configuration
  • Securing Linux logins
  • Enhancing filesystem security and encrypting files
  • Installing and configuring a password cracking utility
  • Configuring an OpenVPN server and client
  • Red Hat security updates and verifying packages

Target Audience

The Linux System Security course is intended for Linux System Administrators wanting to improve their knowledge of Linux security features and enhance the security level of Linux systems.

Techniques and subjects covered in this course will also be useful for Administrators wanting to improve the logging and auditing functionality of Linux systems.

Additional Information

  • Course technical content is subject to change without notice.
  • Course content is structured as sessions; these do not strictly map to course timings. Concepts, content and practicals often span sessions.

Modules

INTRODUCTION TO LINUX SECURITY (6 topics)

  • Linux Native Security
  • Areas of Security
  • Common Attack Methods
  • Basic Security Precautions
  • Standards and Compliance
  • Security Technical Implementation Guides (STIGs)

SECURING THE USER ENVIRONMENT (5 topics)

  • Managing User Accounts and Security Options
  • Configuring Account Defaults
  • Default File and Directory Permissions
  • Configuring History Variables
  • Querying and Confining Command Line History

LINUX LOGGING AND AUDITING (7 topics)

  • Security Related Log Files
  • Querying Login Activity
  • Viewing and Configuring the Journal
  • Viewing and Understanding Audit Records
  • Generating Audit Queries
  • Defining Auditing Rules
  • Audit Performance

SELINUX (8 topics)

  • DAC vs MAC
  • SELinux Policy
  • SELinux Contexts
  • SELinux Key Commands
  • Viewing SELinux Decisions
  • SELinux Booleans
  • Permissive and Unconfined Domains
  • Exporting SELinux Configuration

SELINUX MODULES (5 topics)

  • SELinux Entities
  • Listing and Administering SELinux Modules
  • Creating Modules With audit2allow
  • Writing and Editing SELinux Modules
  • Type Enforcement and File Context Files

RED HAT FIREWALL (7 topics)

  • Firewalld Overview
  • Firewalld vs IPTables
  • Configuring Firewall Ports
  • Creating a Firewall Service
  • Creating and Configuring Firewall Zones
  • Viewing and Creating Rich Rules
  • Fail2ban Installation and Configuration

SECURING SSH (6 topics)

  • SSH Key Algorithms
  • SSH Agents and Server Options
  • Restricting Authentication Methods
  • Viewing and Encrypting the known_hosts File
  • Certificate Based Authentication
  • Verifying Signed Certificates

SECURING APPLICATIONS (4 topics)

  • TCP Wrapper Access Checking
  • TCP Wrapper Extended Syntax
  • Configuring an NTP Server
  • Securing chrony and Authenticating Clients

INTRUSION DETECTION AND PREVENTION (7 topics)

  • Detecting Host Intrusions
  • Limitations of AIDE
  • Installing and Configuring AIDE
  • Detecting Filesystem Changes
  • Detecting and Removing Rootkits
  • Rootkit Best Practices
  • Installing and Configuring ClamAV

SECURING PACKAGES (8 topics)

  • Common Vulnerabilities and Exposures (CVEs)
  • Red Hat Package Management
  • Obtaining Detailed Update Information
  • Post Update Considerations and Rolling Back Packages
  • Details on Security Packages
  • Package Management History
  • Creating and Signing an RPM Package
  • Creating a Package Repository

PLUGGABLE AUTHENTICATION MODULES (7 topics)

  • PAM File Format
  • Restricting Services with PAM
  • Restricting Access to SSH
  • Increasing Password Complexity
  • Delaying Failed Logins
  • Controlling Access by Time
  • Limiting User Resources

LINUX PASSWORDS (6 topics)

  • Password Hashing Methods
  • Verifying Password Strength
  • Password Attack Types
  • Password Cracking
  • Installing a Password Cracking Utility
  • Installing a Word List

SUDO AND RESTRICTING LOGINS (9 topics)

  • Basic Examples and Command Line Options
  • Sudo Aliases, Tags and Groups
  • Sudo Password Administration
  • Running Sudo On Remote Systems
  • Sudoedit
  • Sudo Logging and Replay
  • Include Statements
  • Restricting root Access
  • Configuring Timeouts

SECURING THE LINUX FILESYSTEM (7 topics)

  • Partitioning Considerations
  • Protecting the Boot Menu
  • Securely Erasing Data
  • Data Sanitisation Methods
  • Extended Permissions and File Attributes
  • Creating and Modifying File Access Control Lists (ACLs)
  • LUKS Encrypted Partitions

RED HAT IDENTITY MANAGEMENT (3 topics)

  • Red Hat Identity Management
  • Identity Management Domain
  • IDM Server and Client Installation and Configuration

CERTIFICATE BASED AUTHENTICATION (3 topics)

  • Creating a Certificate Authority
  • Configuring Logging with TLS
  • Securing VSFTPD for SSL/TLS

Prerequisites

Delegates attending this course should have experience of administering Linux in an Enterprise environment to the level covered in the pre-requisite courses.

Where Red Hat 8 courses are listed in the Pre-Requisite Courses section, equivalent Red Hat 7 courses would also suffice.

Pre-Requisite Courses
  • Red Hat 8 System Administration - Part 1
  • Linux System Administration (LPI & CompTIA)
  • SUSE Linux System Administration
  • Oracle Linux 7 Administration

Pricing

Different pricing structures are available, including special offers. These include early bird, late availability, multi-place, corporate volume and self-funding rates. Please arrange a discussion with a training advisor to discover your most cost-effective option.

Code   Location                     Duration   Price
LSS    Virtual Classroom (London)   4 Days     $2,520
