Red Hat Certified Specialist in Server Hardening Prep Course

Course

December 31st, 2017

Intro Video

Photo of Terrence Cox

Terrence Cox

Senior Vice President of Content

A veteran of twenty years in Information Technology in a variety of roles. He has worked in development, security and infrastructure well before they merged into what we now call DevOps. He provides training in Linux, VMWare, DevOps (Ansible, Jenkins, etc) as well as containers and AWS topics. He now leads the Training Architects to produce the courses and content we all know and love!

Length

27:21:07

Difficulty

Advanced

Course Details

The performance-based Red Hat Certificate of Expertise in Server Hardening exam (EX413) tests your ability to perform a number of systems administration tasks focused on securing servers against unauthorized access.

Syllabus

Introduction

Meet Your Course Author

00:00:49

Lesson Description:

Hi. My name is Kevin James and I am your course author for this course. Find out a bit more about me and my qualifications in this video!

Introduction to Linux Academy

00:11:48

Lesson Description:

Welcome to Linux Academy!  Find out what this course offers you, as a Linux Academy student.

Course Prerequisites

00:02:44

Lesson Description:

Find out what you need to know before taking this course. 

Why Server Hardening?

00:05:56

Lesson Description:

Find out the benefits of server hardening and why you should care.

Get Recognized!

00:00:36

Lesson Description:

Found out how to get your efforts recognized on the Linux Academy community!

Identify Common Red Hat Vulnerabilities and Exposures

The CIA Model

00:09:36

Lesson Description:

Found out about the CIA Model and what it means for securing your servers.

Updating Systems

00:07:35

Lesson Description:

Let's discuss keeping your servers up-to-date.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

01:00:00

Identify Red Hat Common Vulnerabilities and Exposures

Verify Package Security and Validity

Verifying Packages - Yum

00:08:49

Lesson Description:

We discuss how to verify packages from yum.

Installing and Verifying Packages with RPM

00:07:42

Lesson Description:

We discuss using package verification with RPM.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Verify Package Security and Validity

00:00:01

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Verify Package Security and Validity - Part 2

00:00:01

Verify package security and validity

Identify and Employ Standards-based Practices

Common Standards

00:16:22

Lesson Description:

What are some practices we can do to help secure our servers?

Common Standards - Examples

00:16:05

Lesson Description:

In this lesson, we review some examples from the previous video on common security standards.

Create and Use Encrypted File Systems

00:15:30

Lesson Description:

In this lesson, we encrypt the disk when we install Linux.  We then encrypt a partition that has already been created and mounted.

File System Features

00:09:22

Lesson Description:

In this lesson, we discuss the different file systems available to us.

File System Features - Hands On

00:11:57

Lesson Description:

Let's get hands-on and see how we add a drive to our cloud servers.

Identify and employ standards based practises

Configure Defaults for File Systems

File System Properties for ext4

00:05:45

Lesson Description:

This lesson covers some defaults for use with ext4 file systems.

File System Properties for XFS

00:05:07

Lesson Description:

This lesson discusses the options available for mounting an XFS file system.

Files - SUID

00:11:19

Lesson Description:

This lesson talks about SUID and the setuid attribute. It also shows you how to find programs that use SUID.

Files - GID

00:03:33

Lesson Description:

This lesson covers the use of group identifiers, or GIDs.

Files - Sticky Bit

00:05:14

Lesson Description:

This lesson covers the use of the sticky bit to protect directories.

Files - FACL

00:15:22

Lesson Description:

In this lesson, we learn about File Access Control Lists. 

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Use setuid for an Executable

00:00:01

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Use File Access Control Lists

00:00:01

Configure defaults for filesystems

Install and Use Intrusion Detection

Security Tools - AIDE

00:10:54

Lesson Description:

This lesson explores AIDE, its uses, and installation and setup.

Security Tools - OSSEC

00:10:51

Lesson Description:

This lesson discusses the OSSEC intrusion detection tool.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Install and Configure AIDE

00:00:01

Install and use intrusion detection

Manage User Account and Password Security

User Accounts

00:09:17

Lesson Description:

In this lesson, we discuss user account security.

Setting User Account Defaults

00:06:26

Lesson Description:

In this lesson, we talk about setting default parameters for users.

Group Accounts and Group Administrators

00:06:56

Lesson Description:

In this lesson, we learn how to set an admin for a group.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Update the Default Password Aging Parameters

00:00:01

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Add a User as a Group Administrator

00:00:01

Manage User account and password security

PAM - Pluggable Authentication Modules

What is PAM

00:06:19

Lesson Description:

Learn the basics of PAM in this lesson.

A Further Look at PAM

00:08:22

Lesson Description:

In this lesson, we examine some PAM configuration files and discuss their contents.

PAM - Pluggable authentication modules

Configure Console Security

Console Security

00:09:49

Lesson Description:

This lesson talks about BIOS passwords and GRUB security, as well as controlling the CTRL+ALT+DELETE process.

Console Security - Hands On

00:08:14

Lesson Description:

In this lesson, we practice the concepts learned earlier by getting hands-on with console security.

Configure console security

Configure System-wide Acceptable Use Notifications

Changing the SSH Banner

00:04:25

Lesson Description:

This lesson is a repeat of a portion of a previous section and discusses adding a banner message to the SSH login process.

Changing the Message of the Day

00:04:22

Lesson Description:

In this lesson, we show how to change the message of the day for our system.

Use a Shell Script to Customize a Message Viewed Upon Login

00:06:01

Lesson Description:

In this lesson, we learn how to customize a message that appears upon login.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

System Notifications - Lab 1

00:00:01

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

System Notifications - Lab 2

00:00:01

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

System Notifications - Lab 3

00:00:01

Configure system wide acceptible use notifications

Install and Configure Identity Management Service

What is IdM? - Identity Management

00:04:47

Lesson Description:

Learn the basics of identity management with IdM.

Install IdM - Identity Management Server

00:08:02

Lesson Description:

In this lesson, we install the IdM and test if the install worked.

Install IdM on a Client Server

00:10:11

Lesson Description:

In this lesson, we set up a server to use as a client for IdM.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Install and Configure Red Hat Identity Management Server

00:00:01

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Install and Configure Both Master and Client Servers

00:00:02

Install and configure Identity Management Service

Configure Remote System Logging Services

System Logging via rsyslog

00:05:23

Lesson Description:

A brief overview of system logging in Red Hat 6 and CentOS 6.

Managing System Log Files

00:09:10

Lesson Description:

In this lesson, we manage system log files using mechanisms such as log rotation and compression.

Configure Remote Logging Services

00:09:25

Lesson Description:

In this lesson, we use rsyslog to set up remote server logging.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Configure Remote Logging

00:00:01

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Manage Log File Rotation

00:00:01

Configure remote system logging services

Configure System Auditing Services

Configure and Install System Auditing Services

00:06:02

Lesson Description:

This lesson describes what auditd does and how to install and use it.

Review Audit Data

00:11:31

Lesson Description:

In this lesson, we review some of the generated data.

Getting Reports Out of Audit Data

00:05:26

Lesson Description:

In this lesson, we use the aureport command to get some information out of the audit system.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Audit Reporting

00:00:01

Configure system auditing services

Network Scanning Tools and IPTables

Install and Use nmap

00:10:57

Lesson Description:

In this lesson, we discuss some tools to use for checking open ports on your servers.

Install and Use nessus

00:09:59

Lesson Description:

In this lesson, we install Nessus, which is a vulnerability scanner.  Note: While useful, Nessus is not covered in the exam.

IPTables Overview

00:06:53

Lesson Description:

In this lesson, we discuss IPTables, what it is, and how it works.

IPTables - Part 2

00:15:41

Lesson Description:

In this lesson, we cover editing the IPTables file and using both the graphical and command line tools for managing firewalls through IPTables.

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Scan the Network Ports of a Server

00:00:01

Hands-on Labs are real live environments that put you in a real scenario to practice what you have learned without any other extra charge or account to manage.

Configure IPTables

00:00:02

Network scanning tools and iptables

Conclusion

Conclusion

00:02:13

Lesson Description:

Let's take a final review of topics we're expected to know to pass the exam.

Next Steps

00:01:22

Lesson Description:

So, what's next? Find out the next steps after taking this course and where to go to continue your studies.

Get Recognized!

00:00:36

Lesson Description:

Learn how to get recognized by the Linux Academy community.

Practice Exam