UNIX and Linux Security: Hands-On

Frequently Asked Questions

What is this course about? This course enables you to understand, assess, and combat threats to the security of your UNIX and Linux platforms, arising from either accidental or intentional misuse. You learn how to take advantage of tools and utilities to defend against these threats and so maintain the integrity and reliability of your systems and networks. What background should I have? You should have recent experience with UNIX command-line tools. Course 428, UNIX®: A Comprehensive Hands-On Introduction, or Course 143, Linux®: A Comprehensive Hands-On Introduction, for Linux users, provides the necessary preparation. Some UNIX administration and security experience is helpful, as is familiarity with networking concepts. You must be comfortable with the Linux command line, including the vi text editor and standard file manipulation utilities. Who will benefit from this course? In today's environment, security is the concern of designers, implementers, system administrators and users of computer systems. This course is of direct and immediate benefit to systems managers responsible for the installation and operation of UNIX platforms. Typical participants also include: Systems administrators and members of system administration teams Information Systems security analysts and auditors who are evaluating or certifying a UNIX environment Members of computer emergency response teams Planners concerned with integrating UNIX securely with other network operating systems Staff responsible for "hardening" a UNIX system for use as an Internet firewall platform Why should I be concerned about UNIX security? UNIX provides a mature, stable and high-performance operating system platform for a wide range of vital applications. It is used extensively on corporate intranets, as well as the Internet. As with any complex system, there are design issues and potential vulnerabilities that pose threats to the integrity and availability of critical company data. You can achieve a high level of security with UNIX, provided you take steps to deploy appropriate configuration options and updated software components. Two factors magnify the risk of inaction: Potential attackers know a great deal about the weaknesses in default UNIX configurations These attackers know how to exploit such weaknesses Which UNIX versions does the course cover? The course addresses all major versions of UNIX. For the hands-on exercises we use both Solaris and Red Hat Enterprise Linux. Some exercises must be done in a specific operating system, but many of the exercises allow each team to pick either Solaris or Linux. Having these two platforms, you are able to: Evaluate the many useful security tools that are being developed by the user community See how you can apply them to a commercially supported system What specific tools will I use in the course? The tools that you install and apply include Tara and Titan to perform configuration audits on UNIX systems, netstat and lsof to analyze network security risks, Tripwire to monitor filesystem integrity, SSH for secure remote access and tunneling graphical applications, PAM for secure user authentication, and sudo for controlled superuser access. How much time is spent on each topic? Content Hours UNIX and security overview 3.5 User accounts and authentication 5.0 Limiting superuser privileges 2.0 Securing local and network file systems 4.0 Controlling program execution 3.0 Providing secure network services 6.0 Security standards and evaluation 0.5 Times, including the workshops, are estimates; exact times may vary according to the needs of each class. Does the course address firewall technologies? The course discusses technology appropriate for use on a system to be used in a firewall architecture, but it is not a course about firewalls. Security experts widely recommend UNIX systems as the platform of choice for firewall software. This course equips you with the background you need to "harden" the UNIX operating system for this role as a bastion host. The skills that you learn allow you to achieve "defense in depth" by additionally securing the operating system on internal UNIX hosts. What hands-on exercises will I do? A significant portion of the course is devoted to the hands-on exercises. Topics include: Running automated tools on a UNIX system Replacing the standard UNIX password-changing program Replacing the standard UNIX remote access utilities with SSH Deploying an add-on tool to safely delegate administrative tasks Installing Tripwire Analyzing your UNIX servers' network-based security risks Protecting your UNIX server from network intrusion Patching the Solaris operating system Will this course help me prepare for the CISSP Certification examination? Yes, this course helps you prepare for multiple domains on the CISSP Certification exam. For more information, please refer to the CISSP Q&A. Does this course provide me with (ISC)2 continuing professional education (CPE) credits? Yes! Learning Tree, in agreement with (ISC)2, is a recognized "Trusted CPE Provider." This course provides you with 32 "A-level" CPE credits toward maintaining your CISSP Certification. Please see the CISSP Q&A for more information on the continuing education requirements of (ISC)2. How does this course relate to other Learning Tree courses? Learning Tree offers a number of courses that will help you expand upon the knowledge gained in this course and further your skills in several key areas. Those courses include: 435, UNIX® Administration and Support: Hands-On  144, Linux® Administration and Support: Hands-On  468, System and Network Security: A Comprehensive Introduction  340, Project Management for Software Development  914, Project Portfolio Management: Successfully Managing Multiple Projects

Linux is a registered trademark of Linus Torvalds. UNIX is a registered trademark of X/Open Company, Limited. Red Hat and Red Hat Enterprise Linux are trademarks of Red Hat, Inc. in the United States and other countries.