Enterprise Linux Security Administration (LN4990)

Related trainings

Exclusives

  • Video recording: 365 days of access to your course for viewing
  • Technical lab: Available for 15 days of online access
  • Class material: Delivered in digital format for everyone, downloadable, accessible during and after the training
  • Proof of attendance: Digital badge and completion certificate available for all participants
  • Fast and guaranteed schedule: Maximum wait of 4 to 6 weeks after participant registrations, guaranteed date

This highly technical five-day Linux training focuses on properly securing machines running Linux operating systems. A wide range of general security techniques, such as packet filtering, password policies, and file integrity verification, are covered. Advanced security technologies like Kerberos and SELinux are taught. Particular attention is given to securing commonly deployed network services. By the end of the course, students will have an excellent understanding of potential security vulnerabilities, know how to audit existing machines, and how to securely deploy new network services.

Expand

Private class

Inquire for this training to be delivered exclusively for the members of your organization.

Training plan

  • Basic Security Principles
  • RHEL6 Default Install
  • RHEL6 Firewall
  • SLES11 Default Install
  • SLES11 Firewall
  • SLES11: File Security
  • Minimization – Discovery
  • Service Discovery
  • Hardening
  • Security Concepts
  • The Security Environment
  • Stealth Reconnaissance
  • The WHOIS database
  • Interrogating DNS
  • Discovering Hosts
  • Discovering Reachable Services
  • Reconnaissance with SNMP
  • Discovery of RPC Services
  • Enumerating NFS Shares
  • Nessus Insecurity Scanner
  • Configuring OpenVAS
  • UNIX Passwords
  • Password Aging
  • Auditing Passwords
  • PAM Overview
  • PAM Module Types
  • PAM Order of Processing
  • PAM Control Statements
  • PAM Modules
  • pam_unix
  • pam_cracklib.so
  • pam_pwcheck.so
  • pam_env.so
  • pam_xauth.so
  • pam_tally2.so
  • pam_wheel.so
  • pam_limits.so
  • pam_nologin.so
  • pam_deny.so
  • pam_warn.so
  • pam_securetty.so
  • pam_time.so
  • pam_access.so
  • pam_listfile.so
  • pam_lastlog.so
  • pam_console.so
  • The Importance of Time
  • Hardware and System Clock
  • Time Measurements
  • NTP Terms and Definitions
  • Synchronization Methods
  • NTP Evolution
  • Time Server Hierarchy
  • Operational Modes
  • NTP Clients
  • Configuring NTP Clients
  • Configuring NTP Servers
  • Securing NTP
  • NTP Packet Integrity
  • Useful NTP Commands
  • Common Security Problems
  • Account Proliferation
  • The Kerberos Solution
  • Kerberos History
  • Kerberos Implementations
  • Kerberos Concepts
  • Kerberos Principals
  • Kerberos Safeguards
  • Kerberos Components
  • Authentication Process
  • Identification Types
  • Logging In
  • Gaining Privileges
  • Using Privileges
  • Kerberos Components and the KDC
  • Kerberized Services Review
  • Kerberized Clients
  • KDC Server Daemons
  • Configuration Files
  • Utilities Overview
  • Plan Topology and Implementation
  • Kerberos 5 Client Software
  • Kerberos 5 Server Software
  • Synchronize Clocks
  • Create Master KDC
  • Configuring the Master KDC
  • KDC Logging
  • Kerberos Realm Defaults
  • Specifying [realms]
  • Specifying [domain_realm]
  • Allow Administrative Access
  • Create KDC Databases
  • Create Administrators
  • Install Keys for Services
  • Start Services
  • Add Host Principals
  • Add Common Service Principals
  • Configure Slave KDCs
  • Create Principals for Slaves
  • Define Slaves as KDCs
  • Copy Configuration to Slaves
  • Install Principals on Slaves
  • Create Stash on Slaves
  • Start Slave Daemons
  • Client Configuration
  • Install krb5.conf on Clients
  • Client PAM Configuration
  • Install Client Host Keys
  • Administrative Tasks
  • Key Tables
  • Managing Keytabs
  • Managing Principals
  • Viewing Principals
  • Adding, Deleting, and Modifying Principals
  • Principal Policy
  • Overall Goals for Users
  • Signing In to Kerberos
  • Ticket types
  • Viewing Tickets
  • Removing Tickets
  • Passwords
  • Changing Passwords
  • Giving Others Access
  • Using Kerberized Services
  • Kerberized FTP
  • Enabling Kerberized Services
  • OpenSSH and Kerberos
  • Filesystem Mount Options
  • NFS Properties
  • NFS Export Option
  • NFSv4 and GSSAPI Auth
  • Implementing NFSv4
  • Implementing Kerberos with NFS
  • GPG – GNU Privacy Guard
  • File Encryption with OpenSSL
  • File Encryption with encfs
  • Linux Unified Key Setup (LUKS)
  • Host Intrusion Detection Systems
  • Introduction to AIDE
  • AIDE Installation
  • AIDE Policies
  • AIDE Usage Chapter Section
  • Accountability and Auditing
  • Simple Session Auditing
  • Simple Process Accounting & Command History
  • Kernel-Level Auditing
  • Configuring the Audit Daemon
  • Controlling Kernel Audit System
  • Creating Audit Rules
  • Searching Audit Logs
  • Generating Audit Log Reports
  • Audit Log Analysis
  • DAC vs. MAC
  • Shortcomings of Traditional Unix Security
  • AppArmor
  • SELinux Goals
  • SELinux Evolution
  • SELinux Modes
  • Gathering Information
  • SELinux Virtual Filesystem
  • SELinux Contexts
  • Managing Contexts
  • The SELinux Policy
  • Choosing an SELinux Policy
  • Policy Layout
  • Tuning and Adapting Policy
  • Booleans
  • Permissive Domains
  • Managing File Contexts
  • Managing Port Contexts
  • SELinux Policy Tools
  • Examining Policy
  • SELinux Troubleshooting
  • Apache Overview
  • httpd.conf – Server Settings
  • Configuring CGI
  • Turning Off Unneeded Modules
  • Delegating Administration
  • Apache Access Controls (mod_access)
  • HTTP User Authentication
  • Standard Auth Modules
  • HTTP Digest Authentication
  • Authentication via SQL
  • Authentication via LDAP
  • Authentication via Kerberos
  • Scrubbing HTTP Headers
  • Metering HTTP Band
  • PostgreSQL Overview
  • PostgreSQL Default Config
  • Configuring SSL
  • Client Authentication Basics
  • Advanced Authentication
  • Ident-based Authentication

Recommended Prerequisite Knowledge

  • Experience with using the Linux command line.
  • Skills in user management, file permissions, and process management in Linux.
  • Understanding of basic networking concepts, such as IP addressing, subnetting, and routing.
  • Familiarity with configuring basic network services on Linux.
  • Knowledge of basic security concepts, such as firewalls, user management, and securing services.
  • Prior experience with Linux security tools like SELinux or AppArmor can be beneficial.

Enterprise Linux Security Administration (LN4990)​

The Enterprise Linux Security Administration (LN4990)​ training equips IT professionals with the expertise required to secure Linux-based environments effectively. This course focuses on advanced security techniques, including access controls, encryption, threat detection, and compliance measures essential for safeguarding critical systems.

Participants will develop practical skills through hands-on exercises, ensuring they can implement robust security protocols, mitigate vulnerabilities, and protect sensitive data in enterprise Linux infrastructures.

Why Choose This Linux Security Administration Training?

With increasing cybersecurity threats, securing Linux systems is paramount for IT operations. This training provides comprehensive guidance on best practices for Linux security, enabling professionals to build resilient systems that withstand modern challenges.

By completing this training, participants enhance their career prospects while ensuring they are equipped to handle the complexities of enterprise-level Linux security.

Skills Developed During the Training

  1. Access Control Management
    Learn to configure user roles, groups, and permissions to restrict unauthorized access.

  2. Encryption Techniques
    Master encryption tools such as GPG and OpenSSL to protect sensitive data.

  3. System Hardening
    Understand how to configure secure settings to reduce vulnerabilities and attack surfaces.

  4. Threat Detection and Prevention
    Implement tools like SELinux, AppArmor, and firewalls to identify and mitigate potential threats.

  5. Compliance and Auditing
    Gain expertise in implementing audit trails and compliance measures to meet regulatory standards.

  6. Incident Response
    Develop skills to detect, analyze, and respond to security breaches effectively.

Interactive and Practical Training

This training is led by experienced Linux security professionals who combine theory with practical exercises. Participants will work on realistic case studies and scenarios to apply the concepts learned, ensuring they are ready to tackle real-world security challenges.

Who Should Attend?

  • IT security professionals managing Linux environments
  • System administrators seeking to specialize in Linux security
  • Network administrators responsible for securing enterprise infrastructures
  • Individuals preparing for advanced roles in cybersecurity

Strengthen Your Linux Security Skills

The Enterprise Linux Security Administration (LN4990)​ training equips you with the tools and techniques needed to secure Linux infrastructures against evolving cyber threats. Enroll today to enhance your expertise and protect your organization’s critical systems.

Frequently asked questions - Linux enterprise security training (FAQ)

The course covers access control, encryption, system hardening, threat detection, compliance, and incident response.

Yes, participants engage in hands-on exercises to implement and test security measures.

Tools include SELinux, AppArmor, OpenSSL, GPG, and Linux firewalls.

This course is ideal for IT professionals responsible for securing Linux-based systems.

A solid understanding of Linux system administration is recommended.

It provides advanced Linux security skills, making participants valuable assets in cybersecurity roles.

Request form for a private class training

Dear Client,

We confirm the receipt of your request regarding the training: Enterprise Linux Security Administration (LN4990)

Here is the information we have received.

Language: English

Duration: 5 days / 35 hours

Number of participants from your organization *

Minimum number of participants: 6

Organization name *
Your first and last name *
Telephone number *
Professional email *
How did you hear about us? *
Comments or Remarks
Promotional code
I accept the General Terms and Conditions
The General Conditions are accessible on this page.

Our website uses cookies to personalize your browsing experience. By clicking ‘I accept,’ you consent to the use of cookies.