Linux Academy Red Hat Certificate of Expertise in Server Hardening Prep Course

Course Instructor
course instructor image
Kevin James
Hi. I am a Server and Network Engineer with over 30 years experience spanning multiple industries, including entertainment, telco, finance, retail, hospitality, pharmaceutical, manufacturing, consulting, among others. I have over 19 years experience working with Linux systems in various roles. I am also Linux, Microsoft, Cisco, Juniper, and VMware certified and have coding/scripting, firewall, and network experience.

Introduction

Meet your Course Author

00:00:49

Introduction to Linux Academy

00:11:48

Course Pre-Requisites

00:02:44

Why server hardening?

00:05:56

Get Recognized!

00:00:36

Identify Red Hat Common Vulnerabilities and Exposures

The CIA Model

00:09:36

Updating Systems

00:07:35

Quiz: Identify Red Hat Common Vulnerabilities and Exposures

Verify Package Security and Validity

Verifying Packages - Yum

00:08:49

Installing and Verifying Packages with RPM

00:07:42

Quiz: Verify package security and validity

Identify and Employ Standards Based Practices

Common Standards

00:16:22

Common Standards - Examples

00:16:05

Create and Use Encrypted File Systems

00:15:30

File System Features

00:09:22

File System Features - Hands On

00:11:57

Quiz: Identify and employ standards based practises

Configure Defaults for Filesystems

File System Properties for EXT4

00:05:45

File System Properties for XFS

00:05:07

Files - suid

00:11:19

Files - gid

00:03:33

Files - Sticky Bit

00:05:14

Files - FACL

00:15:22

Quiz: Configure defaults for filesystems

Install and Use Intrusion Detection

Security Tools - aide

00:10:54

Security Tools - ossec

00:10:51

Quiz: Install and use intrusion detection

Manage User Account and Password Security

User Accounts

00:09:17

Setting User Account Defaults

00:06:26

Group Accounts and Group Administrators

00:06:56

Quiz: Manage User account and password security

PAM - Pluggable Authentication Modules

What is PAM

00:06:19

A Further Look at PAM

00:08:22

Quiz: PAM - Pluggable authentication modules

Configure Console Security

Console Security

00:09:49

Console Security - Hands On.

00:08:14

Quiz: Configure console security

Configure System-Wide Acceptable Use Notifications

Changing the SSH Banner

00:04:25

Changing the Message of the Day

00:04:22

Use a Shell Script to Customize a Message When You Log In

00:06:01

Quiz: Configure system wide acceptible use notifications

Install and Configure Identity Management Service

What is IdM - Identity Management?

00:04:47

Install IdM - Identity Management Server

00:08:02

Install IdM on a Client Server

00:10:11

Quiz: Install and configure Identity Management Service

Configure remote system logging services

System logging via rsyslog

00:05:23

Managing system log files.

00:09:10

Configure remote logging services

00:09:25

Quiz: Configure remote system logging services

Configure System Auditing Services

Configure and Install System Auditing Services

00:06:02

Review Audit Data

00:11:31

Getting Reports Out of the Audit Data

00:05:26

Quiz: Configure system auditing services

Network Scanning Tools and IPTables

Install and Use nmap

00:10:57

Install and Use nessus

00:09:59

IPTables Overview

00:06:53

IPTables - Part 2

00:15:41

Quiz: Network scanning tools and iptables

Conclusion

Conclusion

00:02:13

Next Steps

00:01:22

Get Recognized!

00:00:36

Quiz: Practice Exam

Details

The performance-based Red Hat Certificate of Expertise in Server Hardening exam (EX413) tests your ability to perform a number of systems administration tasks focused on securing servers against unauthorized access.

Study Guides

Red Hat Enterprise 6 Security Guide

This book assists users and administrators in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation and malicious activity. Focused on Red Hat Enterprise Linux but detailing concepts and techniques valid for all Linux systems, this guide details the planning and the tools involved in creating a secured computing environment for the data center, workplace, and home. With proper administrative knowledge, vigilance, and tools, systems running Linux can be both fully functional and secured from most common intrusion and exploit methods. Original download site for this document. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/index.html

Red Hat Enterprise Linux 6 SE Linux

This guide assists users and administrators in managing and using Security-Enhanced Linux. This document can be downloaded from Red Hat at the following url. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/index.html

Red Hat Enterprise Linux 6 Storage Administration Guide

Deploying and configuring single-node storage in Red Hat Enterprise Linux 6. This guide provides instructions on how to effectively manage storage devices and file systems on Red Hat Enterprise Linux 6. It is intended for use by system administrators with basic to intermediate knowledge of Red Hat Enterprise Linux or Fedora. The link to this file on Red Hat can be found below. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/index.html

Red Hat Enterprise Linux 7 Security Guide

A Guide to Securing Red Hat Enterprise Linux 7. This book assists users and administrators in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation, and malicious activity. Focused on Red Hat Enterprise Linux but detailing concepts and techniques valid for all Linux systems, this guide details the planning and the tools involved in creating a secured computing environment for the data center, workplace, and home. With proper administrative knowledge, vigilance, and tools, systems running Linux can be both fully functional and secured from most common intrusion and exploit methods. This document can be downloaded from Red Hat at the following url. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/

Red Hat Enterprise Linux 7 SE Linux

Basic and advanced configuration of Security-Enhanced Linux (SELinux). Note: This document is under development, is subject to substantial change, and is provided only as a preview. The included information and instructions should not be considered complete, and should be used with caution. This book consists of two parts: SELinux and Managing Confined Services. The former describes the basics and principles upon which SELinux functio ns , the latter is m o re fo cus ed on practical tas ks to s et up and co nfigure vario us s ervices . This document can be found on the Red Hat site at the following url. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/SELinux_Users_and_Administrators_Guide/

Red Hat Enterprise Linux 6 Deployment Guide

The Deployment Guide documents relevant information regarding the deployment, configuration and administration of Red Hat Enterprise Linux 6. It is oriented towards system administrators with a basic understanding of the system.

Red Hat Enterprise Linux 6 Identity Management Guide

Identity and policy management — for both users and machines — is a core function for almost any enterprise environment. IPA provides a way to create an identity domain that allows machines to enroll to a domain and immediately access identity information required for single sign-on and authentication services, as well as policy settings that govern authorization and access. This manual covers all aspects of installing, configuring, and managing IPA domains, including both servers and clients. This guide is intended for IT and systems administrators.

Slides used during this course

PDF copy of the powerpoint slides used during this course.

Study Guide

This is the Study Guide for this course.

Setuid test program

This test program is a c program thats been compiled. It will show you what user the program is being run as. Here is the code if you wanted to compile it yourself. Or you have problems running it on your system. #include #include int main(int argc, char** argv) { printf("%d", geteuid()); printf("\n"); return 0; } Save the code into a file called setuid-test.c Then if you have gcc installed you can use the following command to compile it. gcc -o setuid-test setuid-test.c

Instructor Deck

Community

Looking For Team Training?

Learn More