There is IT in Helsinki

There is IT in Helsinki

RH413 - Red Hat Server Hardening

I'm attending this training in a week or so. This post will be updated as I go through the sections I want to check out before the training starts.

https://www.redhat.com/en/services/training/rh413-red-hat-server-hardening

  • Track security updates
  • Understand how Red Hat Enterprise Linux produces updates and how to use yum to perform queries to identify what errata are available.
  • Manage software updates
  • Develop a process for applying updates to systems including verifying properties of the update.
  • Create file systems
  • Allocate an advanced file system layout and use file system encryption.
  • Manage file systems
  • Adjust file system properties through security related options and file system attributes.
  • Manage special permissions
  • Work with set user ID (SUID), set group ID (SGID), and sticky (SVTX) permissions and locate files with these permissions enabled.
  • Manage additional file access controls
  • Modify default permissions applied to files and directories; work with file access control lists.
  • Monitor for file system changes
  • Configure software to monitor the files on your machine for changes.
  • Manage user accounts
  • Set password-aging properties for users; audit user accounts.
  • Manage pluggable authentication modules (PAMs)
  • Apply changes to PAMs to enforce different types of rules on users.
  • Secure console access
  • Adjust properties for various console services to enable or disable settings based on security.
  • Install central authentication
  • Install and configure a Red Hat Identity Management server and client.
  • Manage central authentication
  • Configure Red Hat Identity Management rules to control both user access to client systems and additional privileges granted to users on those systems.
  • Configure system logging
  • Configure remote logging to use transport layer encryption and manage additional logs generated by remote systems.
  • Configure system auditing
  • Enable and configure system auditing.
  • Control access to network services
  • Manage firewall rules to limit connectivity to network services.

From the exam https://www.redhat.com/en/services/training/ex413-red-hat-certificate-expertise-server-hardening-exam

  • Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information
  • Verify package security and validity
  • Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes
  • Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files
  • Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files
  • Manage user account security and user password security
  • Manage system login security using pluggable authentication modules (PAM)
  • Configure console security by disabling features that allow systems to be rebooted or powered off using bootloader passwords
  • Configure system-wide acceptable use notifications
  • Install, configure, and manage identity management services and configure identity management clients
  • Configure remote system logging services, configure system logging, and manage system log files using mechanisms such as log rotation and compression
  • Configure system auditing services and review audit reports
  • Use network scanning tools to identify open network service ports and configure and troubleshoot system firewalling