Enterprise Linux Server Hardening – GL413
Course Duration
4 Days
Audience
Employees of federal, state and local governments, and businesses working with the government.
Prerequisites
Knowledge equivalent to GL120 Linux Fundamentals and GL250 Enterprise Linux Systems Administration.
Course Description
This course teaches students how to harden Red Hat Enterprise Linux servers against security threats. Topics include security concepts, minimizing the default installation, service hardening, host-based firewalls, SELinux, auditing, and encryption — equipping administrators to build and maintain more secure Linux environments.
Course Outline
- SECURITY CONCEPTS
- Basic Security Principles
- RHEL7 Default Install
- Minimization – Discovery
- Service Discovery
- Hardening
- Security Concepts
- Removing Packages Using RPM
- Firewall Configuration
- Process Discovery
- Operation of the setuid() and capset() System Calls
- Operation of the chroot() System Call
- Introduction to Troubleshooting Labs
- SCANNING, PROBING, AND MAPPING VULNERABILITIES
- The Security Environment
- Stealth Reconnaissance
- The WHOIS database
- Interrogating DNS
- Discovering Hosts
- Discovering Reachable Services
- Reconnaissance with SNMP
- Discovery of RPC Services
- Enumerating NFS Shares
- Nessus/OpenVAS Insecurity Scanner
- Configuring OpenVAS
- Intrusion Detection Systems
- Snort Rules
- Writing Snort Rules
- NMAP
- OpenVAS
- Advanced nmap Options
- TRACKING SECURITY UPDATES AND SOFTWARE MAINTENANCE
- Security Advisories