Red Hat Certified Specialist in Server Hardening Prep Course

Training Architect
course instructor image
Terrence Cox
A veteran of twenty years in Information Technology in a variety of roles. He has worked in development, security and infrastructure well before they merged into what we now call DevOps. He provides training in Linux, VMWare, DevOps (Ansible, Jenkins, etc) as well as containers and AWS topics.

Introduction

Meet Your Course Author
00:00:49
Introduction to Linux Academy
00:11:48
Course Prerequisites
00:02:44
Why Server Hardening?
00:05:56
Get Recognized!
00:00:36

Identify Common Red Hat Vulnerabilities and Exposures

The CIA Model
00:09:36
Updating Systems
00:07:35
Hands-On-Lab: Updating Software on Linux
01:00:00
Quiz: Identify Red Hat Common Vulnerabilities and Exposures

Verify Package Security and Validity

Verifying Packages - Yum
00:08:49
Installing and Verifying Packages with RPM
00:07:42
Learning-Activity: Verify Package Security and Validity
01:00:00
Learning-Activity: Verify Package Security and Validity - Part 2
02:00:00
Quiz: Verify package security and validity

Identify and Employ Standards-based Practices

Common Standards
00:16:22
Common Standards - Examples
00:16:05
Create and Use Encrypted File Systems
00:15:30
File System Features
00:09:22
File System Features - Hands On
00:11:57
Quiz: Identify and employ standards based practises
Hands-On-Lab: Add a New File System to the Server
01:00:00

Configure Defaults for File Systems

File System Properties for ext4
00:05:45
File System Properties for XFS
00:05:07
Files - SUID
00:11:19
Files - GID
00:03:33
Files - Sticky Bit
00:05:14
Files - FACL
00:15:22
Learning-Activity: Use setuid for an Executable
01:00:00
Learning-Activity: Use File Access Control Lists
01:00:00
Quiz: Configure defaults for filesystems

Install and Use Intrusion Detection

Security Tools - AIDE
00:10:54
Security Tools - OSSEC
00:10:51
Learning-Activity: Install and Configure AIDE
01:00:00
Quiz: Install and use intrusion detection

Manage User Account and Password Security

User Accounts
00:09:17
Setting User Account Defaults
00:06:26
Group Accounts and Group Administrators
00:06:56
Learning-Activity: Update the Default Password Aging Parameters
01:00:00
Learning-Activity: Add a User as a Group Administrator
01:00:00
Quiz: Manage User account and password security

PAM - Pluggable Authentication Modules

What is PAM
00:06:19
A Further Look at PAM
00:08:22
Quiz: PAM - Pluggable authentication modules

Configure Console Security

Console Security
00:09:49
Console Security - Hands On
00:08:14
Quiz: Configure console security

Configure System-wide Acceptable Use Notifications

Changing the SSH Banner
00:04:25
Changing the Message of the Day
00:04:22
Use a Shell Script to Customize a Message Viewed Upon Login
00:06:01
Learning-Activity: System Notifications - Lab 1
01:00:00
Learning-Activity: System Notifications - Lab 2
01:00:00
Learning-Activity: System Notifications - Lab 3
01:00:00
Quiz: Configure system wide acceptible use notifications

Install and Configure Identity Management Service

What is IdM? - Identity Management
00:04:47
Install IdM - Identity Management Server
00:08:02
Install IdM on a Client Server
00:10:11
Learning-Activity: Install and Configure Red Hat Identity Management Server
01:00:00
Learning-Activity: Install and Configure Both Master and Client Servers
02:00:00
Quiz: Install and configure Identity Management Service

Configure Remote System Logging Services

System Logging via rsyslog
00:05:23
Managing System Log Files
00:09:10
Configure Remote Logging Services
00:09:25
Learning-Activity: Configure Remote Logging
01:00:00
Learning-Activity: Manage Log File Rotation
01:00:00
Quiz: Configure remote system logging services

Configure System Auditing Services

Configure and Install System Auditing Services
00:06:02
Review Audit Data
00:11:31
Getting Reports Out of Audit Data
00:05:26
Learning-Activity: Audit Reporting
01:00:00
Quiz: Configure system auditing services

Network Scanning Tools and IPTables

Install and Use nmap
00:10:57
Install and Use nessus
00:09:59
IPTables Overview
00:06:53
IPTables - Part 2
00:15:41
Learning-Activity: Scan the Network Ports of a Server
01:00:00
Learning-Activity: Configure IPTables
02:00:00
Quiz: Network scanning tools and iptables

Conclusion

Conclusion
00:02:13
Next Steps
00:01:22
Get Recognized!
00:00:36
Quiz: Practice Exam

Details

The performance-based Red Hat Certificate of Expertise in Server Hardening exam (EX413) tests your ability to perform a number of systems administration tasks focused on securing servers against unauthorized access.

Study Guides

Red Hat Enterprise 6 Security Guide

This book assists users and administrators in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation, and malicious activity. Focused on Red Hat Enterprise Linux but detailing concepts and techniques valid for all Linux systems, this guide details the planning and tools involved in creating a secure computing environment for the data center, workplace, and home. With proper administrative knowledge, vigilance, and tools, systems running Linux can be both fully functional and secured from most common intrusion and exploit methods. Original download site for this document. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/index.html

Red Hat Enterprise Linux 6 SE Linux

This guide assists users and administrators in managing and using Security-Enhanced Linux. This document can be downloaded from Red Hat at the following URL: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/index.html

Red Hat Enterprise Linux 6 Storage Administration Guide

This guide provides instructions on how to effectively manage storage devices and file systems on Red Hat Enterprise Linux 6. It is intended for use by system administrators with basic to intermediate knowledge of Red Hat Enterprise Linux or Fedora. The link to this file on Red Hat can be found below: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/index.html

Red Hat Enterprise Linux 7 Security Guide

This book assists users and administrators in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation, and malicious activity. Focused on Red Hat Enterprise Linux but detailing concepts and techniques valid for all Linux systems, this guide details the planning and the tools involved in creating a secure computing environment for the data center, workplace, and home. With proper administrative knowledge, vigilance, and tools, systems running Linux can be both fully functional and secured from most common intrusion and exploit methods. This document can be downloaded from Red Hat at the following URL: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/

Red Hat Enterprise Linux 7 - SELinux

Note: This document is under development, subject to substantial change, and provided only as a preview. The included information and instructions should not be considered complete and should be used with caution. This book consists of two parts: SELinux and Managing Confined Services. The former describes the basics and principles upon which SELinux functions , the latter is more focused on practical tasks to set up and configure various services. This document can be found on the Red Hat site at the following URL: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/SELinux_Users_and_Administrators_Guide/

Red Hat Enterprise Linux 6 Deployment Guide

The Deployment Guide documents relevant information regarding the deployment, configuration, and administration of Red Hat Enterprise Linux 6. It is oriented towards system administrators with a basic understanding of the system.

Red Hat Enterprise Linux 6 Identity Management Guide

Identity and policy management — for both users and machines — is a core function for almost any enterprise environment. IPA provides a way to create an identity domain that allows machines to enroll to a domain and immediately access identity information required for single sign-on and authentication services, as well as policy settings that govern authorization and access. This manual covers all aspects of installing, configuring, and managing IPA domains, including both servers and clients. This guide is intended for IT and systems administrators.

Course Slides

A downloadable copy of the slides used in this course.

Study Guide

The course study guide, detailing all information we need to know to pass the exam.

setuid Test Program

This test program in written in C and will show you what user the program is being run as. Here is the code if you wanted to compile it yourself: #include <stdio.h> #include <unistd.h> int main(int argc, char** argv) { printf("%d", geteuid()); printf("\n"); return 0; } Save the code into a file called setuid-test.c Then, if you have gcc installed, you can use the following command to compile it: gcc -o setuid-test setuid-test.c

Instructor Deck

Community

certificate ribbon icon

Earn a Certificate of Completion

When you complete this course, you’ll receive a certificate of completion as proof of your accomplishment.

Looking For Team Training?

Learn More