Expertise in Network Services (RHS333)
Expertise in Network Services (RHS333)
| Course Description |
| Red Hat Enterprise Security: Network Services (RHS333) is an intensive course that equips senior system administrators and security professionals with the skills and knowledge required to harden systems against both internal and external attacks. This class advances beyond the essential security coverage offered in the RHCE curriculum and delves more deeply into the security features, capabilities, and how to properly respond to sophisticated security threats aimed at enterprise systems. Students will also cover an in-depth analysis of the ever-changing threat models as they pertain to Red Hat Enterprise Linux. At the end of the four day course, students should be able to design and implement an adequate security profile for critical enterprise systems. |
|
| Course Content |
| Learn how to improve and maintain the security of typical network . Focus on mechanism at the Transport layer or in the OSI network model |
- Security services
- Cryptography
- Intrusion Detection and prevention
|
|
| Unit 1:- The Threat Model and Protection Methods |
- Basic types of attacks
- Protection mechanism
- Xen terminology
|
|
| Unit 2:- Basic Service Security |
- SELinux
- Host-based access control
- Firewalls using Netfilter and iptables
- TCP wrappers option
- Advanced xinetd configuration
|
|
| Unit 3:- Cryptography |
- Overview of cryptographic techniques
- Management of SSL certificates
- Using GnuPG
- Network communication vulnerabilities
|
|
| Unit 4:- BIND and DNS Security |
- BIND vulnerabilities
- DNS Security: attacks on DNS
- Access control lists
- Transaction signatures
- Restricting zone transfers and recursive queries
- DNS Topologies
- Bogus servers and blackholes
- Views
- Monitoring and logging
- Dynamic DNS security
|
|
| Unit 5:- Network Authentication: RPC, NIS, and Kerberos |
- Vulnerabilities
- Network-managed users and account management
- RPC and NIS security issues
- Improving NIS security
- Using Kerberos authentication
- Kerberos Encryption
|
|
| Unit 6:- Network File System |
- Overview of NFS versions 2, 3, and 4
- Security in NFS versions 2 and 3
- Improvements in security in NFS4
- Troubleshooting NFS4
- Client-side mount options
|
|
| Unit 7:- OpenSSH |
|
- Vulnerabilities
- Server configuration and the SSH protocols
- Authentication and access control
- Client-side security
- Port-forwarding and X11-forwarding issues
|
|
| Unit 8:- Electronic Mail with Sendmail |
- Vulnerabilities
- Server topologies
- Email encryption
- Anti-spam mechanisms
|
|
| Unit 9:- Postfix |
- Vulnerabilities
- Security and Postfix design
- Anti-spam mechanisms
- Configuring SASL/TLS
|
|
| Unit 10:- FTP |
- Vulnerabilities
- The FTP protocol and FTP servers
- Logging
- Anonymous FTP
- Access control
|
|
| Unit 11:- Apache security |
- Vulnerabilities
- Access control
- Authentication: files, passwords, Kerberos
- Security implications of common configuration options
- CGI security
|
|
| Unit 12:- Intrusion Detection and Recovery |
- Intrusion risks
- Security policy
- Detecting possible intrusions
- Monitoring network traffic and open ports
- Detecting modified files
- Investigating and verifying detected intrusions
- Recovering from, reporting, and documenting intrusions
|
|
| EXAM DETAIL OF RH333-: |
| RHS333(Red Hat Enterprise Security Network Services )-: |
| Exam duration:-RH333 Exam have 2 secession
1st secession = 3.00hr
2nd secession = 3.00hr
Exam totally based on practical.
You must have a RHCE Certified and RH333 book. |
