Course Code: 1144

Enterprise Linux Security Administration

Class Dates:
7/28/2025
9/29/2025
Length:
5 Days
Cost:
$2795.00
Class Time:
Technology:
Security
Delivery:
Instructor-Led Training, Virtual Instructor-Led Training

Overview

  • Course Overview
  • This course offers an extensive exploration into the security features and protocols necessary for maintaining robust security on Enterprise Linux systems. Designed for system administrators, security professionals, and IT personnel responsible for Linux systems, the course covers a variety of topics aimed at enhancing the security infrastructure of organizations.

    The course begins with fundamental security concepts where participants learn about essential security principles such as minimization, hardening, and simplification of systems. It progresses through detailed explanations of tools and methods for scanning, probing, and mapping vulnerabilities, thus equipping attendees with the skills needed to identify and mitigate potential security threats. Each module is structured to provide both theoretical knowledge and practical skills through hands-on labs, ensuring that participants can apply what they've learned in real-world scenarios.

  • Audience
  • System Administrators: Individuals responsible for the daily management of Linux-based servers and systems, who need to ensure these are secure from unauthorized access and vulnerabilities.
    Security Professionals: Those specializing in cybersecurity who are looking to deepen their understanding of security practices specifically tailored to Linux environments.
    IT Professionals: General IT staff who require a comprehensive knowledge of Linux security to support and safeguard their organization's technology infrastructure.
    Network Administrators: Professionals in charge of managing and securing network communications and services on Linux systems.
    Technical Support Staff: Support personnel who need to understand security configurations and vulnerabilities to effectively troubleshoot and maintain Linux systems within their organizations.

    Supported Distributions: Red Hat Enterprise Linux 7, SUSE Linux Enterprise 12

Prerequisites

  • This class covers advanced security topics and is intended for experienced systems administrators. Candidates should have current Linux or UNIX systems administration experience equivalent to the "Linux Fundamentals", "Enterprise Linux Systems Administration", and "Enterprise Linux Network Services"

    In more advanced sections, the course delves into specific security protocols and configurations, such as Kerberos for secure network authentication and SELinux for enforcing security policies. These modules are particularly crucial as they address complex security challenges and provide the tools to configure, manage, and troubleshoot advanced security settings on Linux systems. Through structured labs and detailed guides, participants gain proficiency in securing file systems, managing user authentication, and securing network services like Apache and PostgreSQL, all within the security frameworks provided by Enterprise Linux environments.
  • Recommended Courses:

  • Linux Fundamentals
  • Linux - Enterprise Linux Networking Services

Course Details

  • Security Concepts
  • Basic Security Principles
  • RHEL7 Default Install
  • RHEL7 Firewall
  • SUSE Basic Firewall Configuration
  • SLES12: File Security
  • Minimization – Discovery
  • Service Discovery, Hardening, Security Concepts
  • LAB TASKS: Removing Packages Using RPM
  • Firewall Configuration, Process Discovery
  • Operation of the setuid() and capset() System Calls
  • Operation of the chroot() System Call
  • Scanning, Probing and Mapping Vulnerabilities
  • The Security Environment
  • Stealth Reconnaissance
  • The WHOIS database
  • Interrogating DNS
  • Discovering Hosts
  • Discovering Reachable Services
  • Reconnaissance with SNMP
  • Discovery of RPC Services
  • Enumerating NFS Shares
  • Nessus Insecurity Scanner
  • Configuring OpenVAS, Intrusion Detection Systems, Snort Rules, Writing Snort Rules
  • LAB TASKS: NMAP, OpenVAS, Advanced nmap Options
  • Password Security and PAM
  • UNIX Passwords, Password Aging, Auditing Passwords
  • PAM Overview, PAM Module Types, PAM Order of Processing, PAM Control Statements
  • PAM Modules, pam_unix, pam_cracklib.so, pam_pwcheck.so
  • pam_env.so, pam_xauth.so, pam_tally2.so, pam_wheel.so
  • pam_limits.so, pam_nologin.so
  • pam_deny.so, pam_warn.so, pam_securetty.so, pam_time.so
  • pam_access.so, pam_listfile.so, pam_lastlog.so
  • pam_console.so
  • LAB TASKS: John the Ripper, Cracklib, Using pam_listfile to Implement Arbitrary ACLs
  • Using pam_limits to Restrict Simultaneous Logins
  • Using pam_nologin to Restrict Logins
  • Using pam_access to Restrict Logins, su & pam
  • Secure Network Time Protocol (NTP)
  • The Importance of Time
  • Hardware and System Clock, Time Measurements
  • NTP Terms and Definitions, Synchronization Methods
  • NTP Evolutions, Time Server Hierarchy
  • Operational Modes, NTP Clients
  • Configuring NTP Clients and Servers
  • Securing NTP, NTP Packet Integrity
  • Useful NTP Commands
  • LAB TASKS: Configuring and Securing NTP
  • Peering NTP with Multiple Systems
  • Kerberos Concepts and Components
  • Common Security Problems, Account Proliferation
  • The Kerberos Solution, Kerberos History
  • Kerberos Implementation
  • Kerberos Concepts, Kerberos Principals
  • Kerberos Safeguards, Kerberos Components
  • Authentication Process, Identification Types
  • Logging In, Gaining Privileges
  • Using Privileges, Kerberos Components and the KDC
  • Kerberized Services Review
  • KDC Server Daemons
  • Configuration Files
  • Utilities Overview
  • Implementing Kerberos
  • Plan Topology and Implementation, Kerberos 5 Client Software
  • Kerberos 5 Server Software, Synchronize Clocks
  • Create Master KDC, Configuring the Master KDC
  • KDC Logging, Kerberos Realm Defaults
  • Specifying [realms], Specifying [domain_realm]
  • Allow Administrative Access, Create KDC Databases
  • Create Administrators, Install Keys for Services, Start Services
  • Add Host Principals, Add Common Service Principals
  • Configure Slave KDCs, Create Principals for Slaves, Define Slaves as KDCs
  • Copy Configuration to Slaves, Install Principals on Slaves, Synchronization of Database
  • Propagate Data to Slaves, Create Stash on Slaves, Start Slave Daemons
  • Client Configuration, Install krb5.conf on Clients, Client PAM Configuration, Install Client Host Keys, LAB TASKS - Implementing Kerberos
  • Administering and Using Kerberos
  • Administrative Tasks, Key Tables
  • Managing Keytypes, Managing Principals
  • Viewing Principals
  • Adding, Deleting and Modifying Principals
  • Principal Policy, Overall Goals for Users
  • Signing into Kerberos
  • Ticket Types, Viewing Tickets
  • Removing Tickets, Passwords, Changing Passwords, Giving Others Access
  • Using Kerberized Services, Kerberized FTP
  • Enabling Kerberized Services, OpenSSH and Kerberos
  • LAB TASKS - Using Kerberized Clients, Forwarding Kerberos Tickets
  • OpenSSH with Kerberos, Wireshark and Kerberos
  • Securing the Filesystem
  • Filesystem Mount Options
  • NFS Properties, NFS Export Option
  • NFSv4 and GSSAPI Auth
  • Implementing NFSv4
  • Implementing Kerberos with NFS
  • GPG – GNU Privacy Guard
  • File Encryption with OpenSSL, File Encryption With encfs
  • Linux Unified Key Setup (LUKS)
  • LAB TASKS: Securing Filesystems, Securing NFS
  • Implementing NFSv4, File Encryption with GPG
  • File Encryption With OpenSSL
  • LUKS-on-disk format Encrypted Filesystem
  • AIDE
  • Host Intrusion Detection Systems
  • Using RPM as a HIDS
  • Introduction to AIDE
  • AIDE installation
  • AIDE Policies
  • AIDE Usage Chapter Selection
  • LAB TASKS:
  • File Integrity Checking with RPM
  • File Integrity Checking with AIDE
  • Accountability with Kernel Audit
  • Accountability and Auditing
  • Simple Session Auditing
  • Simple Process Accounting and Command History
  • Kernel-Level Auditing
  • Configuring the Audit Daemon
  • Controlling Kernel Audit System
  • Creating Audit Rules
  • Searching Audit Logs
  • Generating Audit Log Reports
  • Audit Log Analysis
  • LAB TASKS: Auditing Login/Logout, Auditing File Access
  • Auditing Command Execution
  • SELinux
  • DAC vs. MAC, Shortcomings of Traditional Unix Security
  • AppArmor, SELinux Goals, SELinux Evolution
  • SELinux Modes, Gathering SELinux Information, SELinux Virtual Filesystem
  • SELinux Contexts, Managing Contexts, The SELinux Policy
  • Choosing an SELinux Policy, Policy Layout, Tuning and Adapting Policy
  • Booleans, Permissive Domains, Managing File Context Database
  • Managing Port Contexts, SELinux Policy Tools, Examining Policy
  • SELinux Troubleshooting, SELinux Troubleshooting Continued
  • LAB TASKS: Exploring SELinux Modes, Exploring AppArmor Modes
  • SELinux Contexts in Action, Exploring AppArmor
  • Managing SELinux Booleans, Creating Policy with Audit2allow
  • Creating & Compiling Policy from Source
  • Securing Apache
  • Apache Overview, httpd.conf - Server Settings
  • Configuring CGI, Turning off Unneeded Modules
  • Delegating Administration
  • Apache Access Controls (mod_access)
  • HTTP User Authentication, Standard Auth Modules
  • HTTP Digest Authentication
  • Authentication via SQL, Authentication via LDAP
  • Authentication via Kerberos
  • Scrubbing HTTP Headers, Metering HTTP Bandwidth
  • LAB TASKS: Hardening Apache by Minimizing Loaded Modules, Scrubbing Apache & PHP Version Headers
  • Protecting Web Content, Using the suexec Mechanism, Create a TLS CA key pair, Using SSL CA Certificates with Apache
  • Enable Apache SSL Client Certificate Authentication, Enabling SSO in Apache with mod_auth_kerb
  • Securing PostgreSQL
  • PostgreSQL Overview, PostgreSQL Default Config
  • Configuring TLS, Client Authentication Basics
  • Advanced Authentication, Ident-based Authentication
  • LAB TASKS: Configure PostgreSQL
  • PostgreSQL with TLS
  • PostgreSQL with Kerberos Authentication
  • Securing PostgreSQL with Web Based Applications
  • Securing Email Systems
  • SMTP Implementations
  • Security Considerations
  • chrooting Postfix
  • Email with GSSAPI/Kerberos Auth
  • LAB TASKS: Postfix In a Change Root Environment