Linux Security: Red Hat Certificate of Expertise in Server Hardening (EX413) and LPIC-3 303 (Security) Exams

Linux Security: Red Hat Certificate of Expertise in Server Hardening (EX413) and LPIC-3 303 (Security) Exams

by Sander van Vugt
Released August 2016
Publisher(s): Pearson
ISBN: 0134598342

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

Duration

More than 13 hours of video instruction.

Overview

Learn everything you need to know about Linux security in one title.

Description

Linux Security Complete Video Course teaches you everything you need to know to build a safe Linux environment. Taught by best-selling author and trainer Sander van Vugt, Linux Security Complete Video Course covers every aspect of Linux security, including Linux operating system security, managing Linux user security, securing Linux services, and securing Linux infrastructure.

The topics in this course cover all the exam objectives and prepare you for the two most significant certifications in the field of Linux security: the Red Hat RHCA Server Hardening (EX413) exam and the LPIC-3 exam 303 "Linux Security" exam. Even if you're preparing for just one of the exams, it’s recommend that you watch all the lessons in this course, which lays out a framework for understanding Linux security, mitigating threats, and responding to incidents.

The material provided in this course is designed to help you learn and prepare in the best possible way. Each lesson provides an end-of-lesson lab that walks you through real-world scenarios as you learn. They also act as assignments to help you prepare for the scenarios you will encounter on the Red Hat Server Hardening exam. These labs are provided as text as well as video solutions so you can work through them on your own and then compare your work to the author’s.

The video lessons cover the following topics:

Module 1: Linux Operating System Security
Lesson 1: Keeping Linux up-to-date
Lesson 2: Managing file system security properties
Lesson 3: Securing server access
Lesson 4: Configuring system logging
Lesson 5: Managing system auditing
Lesson 6: Managing mandatory access control (MAC)
Lesson 7: Managing kernel security

Module 2: Managing Linux User Security
Lesson 8: Managing Linux permissions and attributes
Lesson 9: Managing user accounts
Lesson 10: Installing central authentication

Module 3: Securing Linux Services
Lesson 11: Securing services
Lesson 12: Securing network file systems
Lesson 13: Applying secure remote access solutions

Module 4: Securing Linux Infrastructure
Lesson 14: Sniffing and port scanning
Lesson 15: Configuring analyzing and intrusion detection tools
Lesson 16: Managing firewalls
Lesson 17: Managing certificates and public key infrastructures
Lesson 18: Managing GPG

About the Instructor

Sander van Vugt is an independent Linux trainer, author, and consultant living in the Netherlands. Sander has written numerous books about different Linux-related topics and many articles for Linux publications around the world. Sander is the author of the Red Hat RHCSA Complete Video Course, the Red Hat RHCSA/RHCE Cert Guide, and many other titles from Pearson. He has been teaching Red Hat, Ubuntu, SUSE, Linux Foundation, and LPI Linux classes since 1994. As a consultant, he specializes in Linux high availability solutions and performance optimization. More information about Sander is on his website at www.sandervanvugt.com.

Skill Level

  • Intermediate

What You Will Learn

  • Linux security
  • Red Hat RHCA Server Hardening exam
  • LPIC-3 Security exam

Who Should Take This Course
This course works best for an audience that already has acquired some experience working with Linux. If you are a beginner or you need some a refresher course, you can start with the "Beginning Linux System Administration" course, the Red Hat Certified Systems Administrator (RHCSA) Complete Video Course, or the CompTIA Linux+ / LPIC-1 Complete Video Course.

About LiveLessons Video Training

LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more.
View all LiveLessons on InformIT at http://www.informit.com/livelessons.

Table of contents

  1. Introduction
    1. Linux Security: Introduction
    2. Getting Started: Setting up a lab environment
  2. Module 1: Linux Operating System Security
    1. Intro
  3. Lesson 1: Keeping Linux up-to-date
    1. Learning objectives
    2. 1.1 Developing an update strategy
    3. 1.2 Applying security updates on Red Hat
    4. 1.3 Applying security updates on Ubuntu
    5. 1.4 Validating packages
    6. Lesson 1 Lab
    7. Lesson 1 Lab Solution
  4. Lesson 2: Managing file system security properties
    1. Learning objectives
    2. 2.1 Creating encrypted volumes—Part 1
    3. 2.2 Creating encrypted volumes—Part 2
    4. 2.3 Using security related mount options
    5. 2.4 Monitoring file system changes (AIDE)
    6. Lesson 2 Lab
    7. Lesson 2 Lab Solution
  5. Lesson 3: Securing server access
    1. Learning objectives
    2. 3.1 Securing the GRUB boot loader
    3. 3.2 Modifying text console settings
    4. 3.3 Modifying graphical console settings
    5. Lesson 3 Lab
    6. Lesson 3 Lab Solution
  6. Lesson 4: Configuring system logging
    1. Learning objectives
    2. 4.1 Understanding Linux logging
    3. 4.2 Configuring secure remote logging: Creating the CA
    4. 4.3 Configuring secure remote logging: Configuring the key material
    5. 4.4 Configuring secure remote logging: Setting up the log server
    6. 4.5 Configuring secure remote logging: Setting up log filtering
    7. 4.6 Managing log rotation
    8. 4.7 Making journald logs persistent
    9. 4.8 Using Logwatch for log analysis
    10. Lesson 4 Lab
    11. Lesson 4 Lab Solution
  7. Lesson 5: Managing system auditing
    1. Learning objectives
    2. 5.1 Reading the audit log
    3. 5.2 Configuring auditing
    4. 5.3 Audit reporting
    5. 5.4 Writing custom audit rules
    6. 5.5 Using predefined audit sets
    7. Lesson 5 Lab
    8. Lesson 5 Lab Solution
  8. Lesson 6: Managing mandatory access control (MAC)
    1. Learning objectives
    2. 6.1 Understanding the need for MAC
    3. 6.2 Comparing SELinux to AppArmor
    4. 6.3 Configuring AppArmor
    5. 6.4 Understanding SELinux workings
    6. 6.5 Configuring SELinux file context
    7. 6.6 Configuring SELinux port context
    8. 6.7 Analyzing SELinux events
    9. 6.8 Writing custom SELinux modules
    10. 6.9 Managing users in SELinux
    11. 6.10 Other MAC solutions (Smack)
    12. Lesson 6 Lab
    13. Lesson 6 Lab Solution
  9. Lesson 7: Managing kernel security
    1. Learning objectives
    2. 7.1 Understanding kernel security architecture
    3. 7.2 Linux kernel security issues
    4. 7.3 Fixing Linux kernel vulnerabilities
    5. Lesson 7 Lab
    6. Lesson 7 Lab Solution
  10. Module 2: Managing Linux User Security‚Äã
    1. Intro
  11. Lesson 8: Managing Linux permissions and attributes
    1. Learning objectives
    2. 8.1 Summarizing basic permission usage
    3. 8.2 Managing special permissions
    4. 8.3 Finding files with special permissions
    5. 8.4 Managing default permissions
    6. 8.5 Managing access control lists
    7. 8.6 Using extended attributes
    8. Lesson 8 Lab
    9. Lesson 8 Lab Solution
  12. Lesson 9: Managing user accounts
    1. Learning objectives
    2. 9.1 Managing password properties
    3. 9.2 Auditing user accounts
    4. 9.3 Understanding PAM Part 1
    5. 9.4 Understanding PAM Part 2
    6. 9.5 Understanding security related PAM options
    7. 9.6 Configuring PAM
    8. 9.7 Applying account lockout with PAM Tally
    9. 9.8 Configuring sudo
    10. Lesson 9 Lab
    11. Lesson 9 Lab Solution
  13. Lesson 10: Installing central authentication
    1. Learning objectives
    2. 10.1 Understanding LDAP
    3. 10.2 Understanding Kerberos
    4. 10.3 Installing FreeIPA server
    5. 10.4 Installing FreeIPA clients
    6. 10.5 Understanding the role of sssd
    7. 10.6 Managing users and groups on FreeIPA
    8. 10.7 Setting policies on FreeIPA
    9. 10.8 Configuring centralized sudo rules
    10. Lesson 10 Lab
    11. Lesson 10 Lab Solution
  14. Module 3: Securing Linux Services
    1. Intro
  15. Lesson 11: Securing services
    1. Learning objectives
    2. 11.1 Understanding DNS security issues
    3. 11.2 Securing DNS
    4. 11.3 Securing Apache
    5. 11.4 Securing e-mail
    6. 11.5 Securing SSH
    7. 11.6 Securing vsftpd
    8. Lesson 11 Lab
    9. Lesson 11 Lab Solution
  16. Lesson 12: Securing network file systems
    1. Learning objectives
    2. 12.1 Understanding NFSv4 security improvements
    3. 12.2 Configuring NFSv4 server and clients
    4. 12.3 Understanding NFSv4 authentication mechanisms
    5. 12.4 Using NFSv4 pseudo file systems
    6. 12.5 Understanding NFSv4 ACLS
    7. 12.6 Understanding and using CIFS UNIX extensions
    8. 12.7 Understanding and configuring CIFS security modes (NTLM, Kerberos)
    9. 12.8 Managing, mapping and handling of CIFS, ACLs and SIDs
    10. Lesson 12 Lab
    11. Lesson 12 Lab Solution
  17. Lesson 13: Applying secure remote access solutions
    1. Learning objectives
    2. 13.1 Configuring FreeRADIUS to authenticate network nodes
    3. 13.2 Identifying and dealing with rogue router advertisements and DHCP
    4. 13.3 Configuring and operating OpenVPN server and clients
    5. 13.4 Configuring and operating IPsec server and clients
    6. Lesson 13 Lab
    7. Lesson 13 Lab Solution
  18. Module 4: Securing Linux Infrastructure
    1. Intro
  19. Lesson 14: Sniffing and port scanning
    1. Learning objectives
    2. 14.1 Understanding network sniffing
    3. 14.2 Using tcpdump and Wireshark for package capture
    4. 14.3 Introducing nmap
    5. 14.4 Understanding Nessus
    6. 14.5 Using tripwire
    7. Lesson 14 Lab
    8. Lesson 14 Lab Solution
  20. Lesson 15: Configuring analyzing and intrusion detection tools
    1. Learning objectives
    2. 15.1 Introducing Snort
    3. 15.2 Performing a base Snort configuration
    4. 15.3 Understanding Snort output
    5. 15.4 Introducing Nagios
    6. 15.5 Using ntop
    7. 15.6 Using John the Ripper
    8. 15.7 Introducing Puppet
    9. Lesson 15 Lab
    10. Lesson 15 Lab Solution
  21. Lesson 16: Managing firewalls
    1. Learning objectives
    2. 16.1 Understanding IPtables basics
    3. 16.2 Advanced IPtables usage
    4. 16.3 Working with firewalld
    5. 16.4 Working with ufw
    6. Lesson 16 Lab
    7. Lesson 16 Lab Solution
  22. Lesson 17: Managing certificates and public key infrastructures
    1. Learning objectives
    2. 17.1 Understand x.509 certificates and their properties
    3. 17.2 Understanding trust chains and public key infrastructures
    4. 17.3 Generating and managing public and private keys
    5. 17.4 Creating, operating, and securing a certification authority
    6. 17.5 Request, sign, and manage server and client certificates
    7. 17.6 Revoke certificates and certification authorities
    8. 17.7 Using openssl for SSL/TLS client and server tests
    9. 17.8 Using the openssl commnad for testing TLS certificates
    10. Lesson 17 Lab
    11. Lesson 17 Lab Solution
  23. Lesson 18: Managing GPG
    1. Learning objectives
    2. 18.1 Performing Basic GnuPG configuration, usage, and key revocation
    3. 18.2 Using GnuPG in e-mail
    4. 18.3 Using GnuPG to encrypt files
    5. Lesson 18 Lab
    6. Lesson 18 Lab Solution
  24. Summary
    1. Linux Security: Summary

Product information

  • Title: Linux Security: Red Hat Certificate of Expertise in Server Hardening (EX413) and LPIC-3 303 (Security) Exams
  • Author(s): Sander van Vugt
  • Release date: August 2016
  • Publisher(s): Pearson
  • ISBN: 0134598342