O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Linux Security: Red Hat Certificate of Expertise in Server Hardening (EX413) and LPIC-3 303 (Security) Exams

Video Description

Duration

More than 13 hours of video instruction.

Overview

Learn everything you need to know about Linux security in one title.

Description

Linux Security Complete Video Course teaches you everything you need to know to build a safe Linux environment. Taught by best-selling author and trainer Sander van Vugt, Linux Security Complete Video Course covers every aspect of Linux security, including Linux operating system security, managing Linux user security, securing Linux services, and securing Linux infrastructure.

The topics in this course cover all the exam objectives and prepare you for the two most significant certifications in the field of Linux security: the Red Hat RHCA Server Hardening (EX413) exam and the LPIC-3 exam 303 "Linux Security" exam. Even if you're preparing for just one of the exams, it’s recommend that you watch all the lessons in this course, which lays out a framework for understanding Linux security, mitigating threats, and responding to incidents.

The material provided in this course is designed to help you learn and prepare in the best possible way. Each lesson provides an end-of-lesson lab that walks you through real-world scenarios as you learn. They also act as assignments to help you prepare for the scenarios you will encounter on the Red Hat Server Hardening exam. These labs are provided as text as well as video solutions so you can work through them on your own and then compare your work to the author’s.

The video lessons cover the following topics:

Module 1: Linux Operating System Security
Lesson 1: Keeping Linux up-to-date
Lesson 2: Managing file system security properties
Lesson 3: Securing server access
Lesson 4: Configuring system logging
Lesson 5: Managing system auditing
Lesson 6: Managing mandatory access control (MAC)
Lesson 7: Managing kernel security

Module 2: Managing Linux User Security
Lesson 8: Managing Linux permissions and attributes
Lesson 9: Managing user accounts
Lesson 10: Installing central authentication

Module 3: Securing Linux Services
Lesson 11: Securing services
Lesson 12: Securing network file systems
Lesson 13: Applying secure remote access solutions

Module 4: Securing Linux Infrastructure
Lesson 14: Sniffing and port scanning
Lesson 15: Configuring analyzing and intrusion detection tools
Lesson 16: Managing firewalls
Lesson 17: Managing certificates and public key infrastructures
Lesson 18: Managing GPG

About the Instructor

Sander van Vugt is an independent Linux trainer, author, and consultant living in the Netherlands. Sander has written numerous books about different Linux-related topics and many articles for Linux publications around the world. Sander is the author of the Red Hat RHCSA Complete Video Course, the Red Hat RHCSA/RHCE Cert Guide, and many other titles from Pearson. He has been teaching Red Hat, Ubuntu, SUSE, Linux Foundation, and LPI Linux classes since 1994. As a consultant, he specializes in Linux high availability solutions and performance optimization. More information about Sander is on his website at www.sandervanvugt.com.

Skill Level

  • Intermediate

What You Will Learn

  • Linux security
  • Red Hat RHCA Server Hardening exam
  • LPIC-3 Security exam

Who Should Take This Course
This course works best for an audience that already has acquired some experience working with Linux. If you are a beginner or you need some a refresher course, you can start with the "Beginning Linux System Administration" course, the Red Hat Certified Systems Administrator (RHCSA) Complete Video Course, or the CompTIA Linux+ / LPIC-1 Complete Video Course.

About LiveLessons Video Training

LiveLessons Video Training series publishes hundreds of hands-on, expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. This professional and personal technology video series features world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, IBM Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT Certification, Programming, Web Development, Mobile Development, Home and Office Technologies, Business and Management, and more.
View all LiveLessons on InformIT at http://www.informit.com/livelessons.

Table of Contents

  1. Introduction
    1. Linux Security: Introduction 00:03:30
    2. Getting Started: Setting up a lab environment 00:03:11
  2. Module 1: Linux Operating System Security
    1. Intro 00:00:28
  3. Lesson 1: Keeping Linux up-to-date
    1. Learning objectives 00:00:26
    2. 1.1 Developing an update strategy 00:03:40
    3. 1.2 Applying security updates on Red Hat 00:02:57
    4. 1.3 Applying security updates on Ubuntu 00:03:08
    5. 1.4 Validating packages 00:02:32
    6. Lesson 1 Lab 00:00:30
    7. Lesson 1 Lab Solution 00:03:23
  4. Lesson 2: Managing file system security properties
    1. Learning objectives 00:00:40
    2. 2.1 Creating encrypted volumes—Part 1 00:09:00
    3. 2.2 Creating encrypted volumes—Part 2 00:06:32
    4. 2.3 Using security related mount options 00:05:15
    5. 2.4 Monitoring file system changes (AIDE) 00:07:46
    6. Lesson 2 Lab 00:00:24
    7. Lesson 2 Lab Solution 00:04:24
  5. Lesson 3: Securing server access
    1. Learning objectives 00:00:31
    2. 3.1 Securing the GRUB boot loader 00:10:18
    3. 3.2 Modifying text console settings 00:04:27
    4. 3.3 Modifying graphical console settings 00:02:42
    5. Lesson 3 Lab 00:00:19
    6. Lesson 3 Lab Solution 00:02:04
  6. Lesson 4: Configuring system logging
    1. Learning objectives 00:00:31
    2. 4.1 Understanding Linux logging 00:07:41
    3. 4.2 Configuring secure remote logging: Creating the CA 00:08:44
    4. 4.3 Configuring secure remote logging: Configuring the key material 00:05:32
    5. 4.4 Configuring secure remote logging: Setting up the log server 00:06:03
    6. 4.5 Configuring secure remote logging: Setting up log filtering 00:08:14
    7. 4.6 Managing log rotation 00:04:18
    8. 4.7 Making journald logs persistent 00:04:24
    9. 4.8 Using Logwatch for log analysis 00:04:36
    10. Lesson 4 Lab 00:00:27
    11. Lesson 4 Lab Solution 00:03:09
  7. Lesson 5: Managing system auditing
    1. Learning objectives 00:00:46
    2. 5.1 Reading the audit log 00:07:19
    3. 5.2 Configuring auditing 00:04:54
    4. 5.3 Audit reporting 00:05:55
    5. 5.4 Writing custom audit rules 00:08:37
    6. 5.5 Using predefined audit sets 00:06:07
    7. Lesson 5 Lab 00:00:30
    8. Lesson 5 Lab Solution 00:06:56
  8. Lesson 6: Managing mandatory access control (MAC)
    1. Learning objectives 00:00:38
    2. 6.1 Understanding the need for MAC 00:05:15
    3. 6.2 Comparing SELinux to AppArmor 00:02:41
    4. 6.3 Configuring AppArmor 00:16:16
    5. 6.4 Understanding SELinux workings 00:05:35
    6. 6.5 Configuring SELinux file context 00:14:28
    7. 6.6 Configuring SELinux port context 00:05:48
    8. 6.7 Analyzing SELinux events 00:08:07
    9. 6.8 Writing custom SELinux modules 00:09:40
    10. 6.9 Managing users in SELinux 00:03:24
    11. 6.10 Other MAC solutions (Smack) 00:01:37
    12. Lesson 6 Lab 00:00:21
    13. Lesson 6 Lab Solution 00:18:54
  9. Lesson 7: Managing kernel security
    1. Learning objectives 00:00:39
    2. 7.1 Understanding kernel security architecture 00:04:25
    3. 7.2 Linux kernel security issues 00:04:12
    4. 7.3 Fixing Linux kernel vulnerabilities 00:04:27
    5. Lesson 7 Lab 00:01:52
    6. Lesson 7 Lab Solution 00:01:34
  10. Module 2: Managing Linux User Security‚Äã
    1. Intro 00:00:33
  11. Lesson 8: Managing Linux permissions and attributes
    1. Learning objectives 00:00:36
    2. 8.1 Summarizing basic permission usage 00:06:16
    3. 8.2 Managing special permissions 00:10:12
    4. 8.3 Finding files with special permissions 00:02:32
    5. 8.4 Managing default permissions 00:05:22
    6. 8.5 Managing access control lists 00:08:53
    7. 8.6 Using extended attributes 00:07:39
    8. Lesson 8 Lab 00:01:05
    9. Lesson 8 Lab Solution 00:02:12
  12. Lesson 9: Managing user accounts
    1. Learning objectives 00:00:39
    2. 9.1 Managing password properties 00:06:55
    3. 9.2 Auditing user accounts 00:02:19
    4. 9.3 Understanding PAM Part 1 00:10:07
    5. 9.4 Understanding PAM Part 2 00:04:51
    6. 9.5 Understanding security related PAM options 00:03:41
    7. 9.6 Configuring PAM 00:05:06
    8. 9.7 Applying account lockout with PAM Tally 00:03:58
    9. 9.8 Configuring sudo 00:08:45
    10. Lesson 9 Lab 00:00:42
    11. Lesson 9 Lab Solution 00:03:59
  13. Lesson 10: Installing central authentication
    1. Learning objectives 00:01:03
    2. 10.1 Understanding LDAP 00:04:17
    3. 10.2 Understanding Kerberos 00:03:38
    4. 10.3 Installing FreeIPA server 00:12:44
    5. 10.4 Installing FreeIPA clients 00:03:19
    6. 10.5 Understanding the role of sssd 00:06:48
    7. 10.6 Managing users and groups on FreeIPA 00:03:58
    8. 10.7 Setting policies on FreeIPA 00:03:29
    9. 10.8 Configuring centralized sudo rules 00:05:17
    10. Lesson 10 Lab 00:00:43
    11. Lesson 10 Lab Solution 00:15:33
  14. Module 3: Securing Linux Services
    1. Intro 00:00:44
  15. Lesson 11: Securing services
    1. Learning objectives 00:00:33
    2. 11.1 Understanding DNS security issues 00:06:42
    3. 11.2 Securing DNS 00:14:09
    4. 11.3 Securing Apache 00:11:05
    5. 11.4 Securing e-mail 00:13:59
    6. 11.5 Securing SSH 00:13:04
    7. 11.6 Securing vsftpd 00:04:12
    8. Lesson 11 Lab 00:00:19
    9. Lesson 11 Lab Solution 00:05:24
  16. Lesson 12: Securing network file systems
    1. Learning objectives 00:00:33
    2. 12.1 Understanding NFSv4 security improvements 00:05:11
    3. 12.2 Configuring NFSv4 server and clients 00:04:48
    4. 12.3 Understanding NFSv4 authentication mechanisms 00:06:10
    5. 12.4 Using NFSv4 pseudo file systems 00:01:35
    6. 12.5 Understanding NFSv4 ACLS 00:04:16
    7. 12.6 Understanding and using CIFS UNIX extensions 00:03:52
    8. 12.7 Understanding and configuring CIFS security modes (NTLM, Kerberos) 00:02:42
    9. 12.8 Managing, mapping and handling of CIFS, ACLs and SIDs 00:03:31
    10. Lesson 12 Lab 00:00:21
    11. Lesson 12 Lab Solution 00:06:55
  17. Lesson 13: Applying secure remote access solutions
    1. Learning objectives 00:00:40
    2. 13.1 Configuring FreeRADIUS to authenticate network nodes 00:05:42
    3. 13.2 Identifying and dealing with rogue router advertisements and DHCP 00:03:02
    4. 13.3 Configuring and operating OpenVPN server and clients 00:17:08
    5. 13.4 Configuring and operating IPsec server and clients 00:05:58
    6. Lesson 13 Lab 00:00:18
    7. Lesson 13 Lab Solution 00:13:18
  18. Module 4: Securing Linux Infrastructure
    1. Intro 00:00:51
  19. Lesson 14: Sniffing and port scanning
    1. Learning objectives 00:00:43
    2. 14.1 Understanding network sniffing 00:03:58
    3. 14.2 Using tcpdump and Wireshark for package capture 00:12:13
    4. 14.3 Introducing nmap 00:09:03
    5. 14.4 Understanding Nessus 00:02:57
    6. 14.5 Using tripwire 00:02:11
    7. Lesson 14 Lab 00:00:23
    8. Lesson 14 Lab Solution 00:03:06
  20. Lesson 15: Configuring analyzing and intrusion detection tools
    1. Learning objectives 00:00:39
    2. 15.1 Introducing Snort 00:01:55
    3. 15.2 Performing a base Snort configuration 00:04:36
    4. 15.3 Understanding Snort output 00:01:34
    5. 15.4 Introducing Nagios 00:05:36
    6. 15.5 Using ntop 00:02:36
    7. 15.6 Using John the Ripper 00:06:36
    8. 15.7 Introducing Puppet 00:03:45
    9. Lesson 15 Lab 00:00:20
    10. Lesson 15 Lab Solution 00:04:01
  21. Lesson 16: Managing firewalls
    1. Learning objectives 00:00:46
    2. 16.1 Understanding IPtables basics 00:13:02
    3. 16.2 Advanced IPtables usage 00:07:52
    4. 16.3 Working with firewalld 00:09:27
    5. 16.4 Working with ufw 00:04:12
    6. Lesson 16 Lab 00:00:36
    7. Lesson 16 Lab Solution 00:05:54
  22. Lesson 17: Managing certificates and public key infrastructures
    1. Learning objectives 00:00:48
    2. 17.1 Understand x.509 certificates and their properties 00:11:03
    3. 17.2 Understanding trust chains and public key infrastructures 00:07:54
    4. 17.3 Generating and managing public and private keys 00:02:19
    5. 17.4 Creating, operating, and securing a certification authority 00:04:44
    6. 17.5 Request, sign, and manage server and client certificates 00:04:05
    7. 17.6 Revoke certificates and certification authorities 00:02:20
    8. 17.7 Using openssl for SSL/TLS client and server tests 00:01:45
    9. 17.8 Using the openssl commnad for testing TLS certificates 00:06:03
    10. Lesson 17 Lab 00:00:18
    11. Lesson 17 Lab Solution 00:07:55
  23. Lesson 18: Managing GPG
    1. Learning objectives 00:00:24
    2. 18.1 Performing Basic GnuPG configuration, usage, and key revocation 00:07:06
    3. 18.2 Using GnuPG in e-mail 00:04:34
    4. 18.3 Using GnuPG to encrypt files 00:03:35
    5. Lesson 18 Lab 00:00:20
    6. Lesson 18 Lab Solution 00:04:49
  24. Summary
    1. Linux Security: Summary 00:00:42