LFS416 Linux Security

Security is always a concern, and with major security holes like Shellshock and Heartbleed being announced regularly, it’s more critical than ever to secure the data you are liable for. This course will walk you through the many risks and threats that exist, show you how to use best practices and other open-source tools to mitigate or counteract those threats, and teach you what you need to know to detect and recover from those attacks that do happen.

This advanced, completely hands-on course adopts a highly technical approach to cover important security techniques and tools. By providing visibility both into attack vectors and possible security holes, this course provides you a complete guide on how to mitigate security risks in any Linux environment. You’ll learn:

How to assess security risks in your enterprise Linux environment.
The best techniques and tools to increase security.
Server hardening
How to deploy and use monitoring and attack detection tools.
How to gain visibility into possible vulnerabilities.
The art and science of developing your Linux security policy and response strategy.
How to configure your systems for compliance with HIPAA, DISA STIG, etc.

This course is designed to work with a wide range of Linux distributions, so you will be able to apply these concepts regardless of your distro.

Linux Foundation has listed out this course. We frequently offer courses with similar content. Please ask us, if you are interested.

Voraussetzungen

Any professional IT manager and administrator should benefit from this course. Software developers who need to improve their knowledge of security concepts and strategies will also find a great deal of information that applies to their responsibilities.

Inhalt

Introduction

Linux Foundation
Linux Foundation Training
Laboratory Exercises, Solutions and Resources
Distribution Details
Lab Setup
Registration
Labs

Security Basics

What is Security?
Assessment
Prevention
Detection
Reaction
Labs

Threats and Risk Assessment

Classes of Attackers
Types of Attacks
Trade Offs
Labs

Physical Access

Physical Security
Hardware Security
Understanding the Linux Boot Process
Labs

Logging

Logging Overview
Syslog Services
The Linux Kernel Audit Daemon
Linux Firewall Logging
Log Reports
Labs

Auditing and Detection

Auditing Basics
Understanding an Attack Progression
Detecting an Attack
Intrusion Detection Systems
Labs

Application Security

Bugs and Tools
Tracking and Documenting Changes
Resource Access Control
Mitigation Techniques
Policy Based Access Control Frameworks
Real World Example
Labs

Kernel Vulnerabilities

Kernel and User Spaces
Bugs
Mitigating Kernel Vulnerabilities
Vulnerabilities Examples
Labs

Authentication

Encryption and Authentication
Passwords and PAM
Hardware Tokens
Biometric Authentication
Network and Centralized Authentication
Labs

Local System Security

Standard UNIX Permissions
Administrator Account
Advanced UNIX Permissions
Filesystem Integrity
Filesystem Quotas
Labs

Network Security

TCP/IP Protocols Review
Remote Trust Vectors
Remote Exploits
Labs

Network Services Security

Network Tools
Databases
Web Server
File Servers
Labs

Denial of Service

Network Basics
DoS Methods
Mitigation Techniques
Labs

Remote Access

Unencrypted Protocols
Accessing Windows Systems
SSH
IPSEC VPNs
Labs

Firewalling and Packet Filtering

Firewalling Basics
iptables
Netfilter Implementation
Netfilter rule management
Mitigate Brute Force Login Attempts
Labs

Response and Mitigation

Preparation
During an Incident
Handling Incident Aftermath
Labs

Kurszeiten

Wer möchte, reist bis 22 Uhr am Vortag an und nutzt den Abend bereits zum Fachsimpeln am Kamin oder im Park.

An den Kurstagen dann von 9-18 Uhr (mit 2 Kaffee- und 1 Mittagspause) etwa 60% Schulungen und 40% Übungen. Selbstverständlich arbeitet jeder Teilnehmer am von uns gestellten Notebook oft parallel zum Referenten mit.

Anschließend Abendessen und Angebote für Fachsimpeln, Ausflüge uvm. Wir schaffen eine Atmosphäre, in der Fachleute sich ungezwungen austauschen. Wer das nicht will, wird zu nichts gezwungen und findet auch jederzeit Ruhe.

dieser Kurs auf deutsch

Termine und Anmeldung

Es steht noch kein Termin für diesen Kurs fest.