Security is always a concern, and with major security holes like Shellshock and Heartbleed being announced regularly, it’s more critical than ever to secure the data you are liable for. This course will walk you through the many risks and threats that exist, show you how to use best practices and other open-source tools to mitigate or counteract those threats, and teach you what you need to know to detect and recover from those attacks that do happen.
This advanced, completely hands-on course adopts a highly technical approach to cover important security techniques and tools. By providing visibility both into attack vectors and possible security holes, this course provides you a complete guide on how to mitigate security risks in any Linux environment. You’ll learn:
- How to assess security risks in your enterprise Linux environment.
- The best techniques and tools to increase security.
- Server hardening
- How to deploy and use monitoring and attack detection tools.
- How to gain visibility into possible vulnerabilities.
- The art and science of developing your Linux security policy and response strategy.
- How to configure your systems for compliance with HIPAA, DISA STIG, etc.
This course is designed to work with a wide range of Linux distributions, so you will be able to apply these concepts regardless of your distro.
Linux Foundation has listed out this course. We frequently offer courses with similar content. Please ask us, if you are interested.
Voraussetzungen
Any professional IT manager and administrator should benefit from this course. Software developers who need to improve their knowledge of security concepts and strategies will also find a great deal of information that applies to their responsibilities.
Inhalt
Introduction
- Linux Foundation
- Linux Foundation Training
- Laboratory Exercises, Solutions and Resources
- Distribution Details
- Lab Setup
- Registration
- Labs
Security Basics
- What is Security?
- Assessment
- Prevention
- Detection
- Reaction
- Labs
Threats and Risk Assessment
- Classes of Attackers
- Types of Attacks
- Trade Offs
- Labs
Physical Access
- Physical Security
- Hardware Security
- Understanding the Linux Boot Process
- Labs
Logging
- Logging Overview
- Syslog Services
- The Linux Kernel Audit Daemon
- Linux Firewall Logging
- Log Reports
- Labs
Auditing and Detection
- Auditing Basics
- Understanding an Attack Progression
- Detecting an Attack
- Intrusion Detection Systems
- Labs
Application Security
- Bugs and Tools
- Tracking and Documenting Changes
- Resource Access Control
- Mitigation Techniques
- Policy Based Access Control Frameworks
- Real World Example
- Labs
Kernel Vulnerabilities
- Kernel and User Spaces
- Bugs
- Mitigating Kernel Vulnerabilities
- Vulnerabilities Examples
- Labs
Authentication
- Encryption and Authentication
- Passwords and PAM
- Hardware Tokens
- Biometric Authentication
- Network and Centralized Authentication
- Labs
Local System Security
- Standard UNIX Permissions
- Administrator Account
- Advanced UNIX Permissions
- Filesystem Integrity
- Filesystem Quotas
- Labs
Network Security
- TCP/IP Protocols Review
- Remote Trust Vectors
- Remote Exploits
- Labs
Network Services Security
- Network Tools
- Databases
- Web Server
- File Servers
- Labs
Denial of Service
- Network Basics
- DoS Methods
- Mitigation Techniques
- Labs
Remote Access
- Unencrypted Protocols
- Accessing Windows Systems
- SSH
- IPSEC VPNs
- Labs
Firewalling and Packet Filtering
- Firewalling Basics
- iptables
- Netfilter Implementation
- Netfilter rule management
- Mitigate Brute Force Login Attempts
- Labs
Response and Mitigation
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
- What is Security?
- Assessment
- Prevention
- Detection
- Reaction
- Labs
Threats and Risk Assessment
- Classes of Attackers
- Types of Attacks
- Trade Offs
- Labs
Physical Access
- Physical Security
- Hardware Security
- Understanding the Linux Boot Process
- Labs
Logging
- Logging Overview
- Syslog Services
- The Linux Kernel Audit Daemon
- Linux Firewall Logging
- Log Reports
- Labs
Auditing and Detection
- Auditing Basics
- Understanding an Attack Progression
- Detecting an Attack
- Intrusion Detection Systems
- Labs
Application Security
- Bugs and Tools
- Tracking and Documenting Changes
- Resource Access Control
- Mitigation Techniques
- Policy Based Access Control Frameworks
- Real World Example
- Labs
Kernel Vulnerabilities
- Kernel and User Spaces
- Bugs
- Mitigating Kernel Vulnerabilities
- Vulnerabilities Examples
- Labs
Authentication
- Encryption and Authentication
- Passwords and PAM
- Hardware Tokens
- Biometric Authentication
- Network and Centralized Authentication
- Labs
Local System Security
- Standard UNIX Permissions
- Administrator Account
- Advanced UNIX Permissions
- Filesystem Integrity
- Filesystem Quotas
- Labs
Network Security
- TCP/IP Protocols Review
- Remote Trust Vectors
- Remote Exploits
- Labs
Network Services Security
- Network Tools
- Databases
- Web Server
- File Servers
- Labs
Denial of Service
- Network Basics
- DoS Methods
- Mitigation Techniques
- Labs
Remote Access
- Unencrypted Protocols
- Accessing Windows Systems
- SSH
- IPSEC VPNs
- Labs
Firewalling and Packet Filtering
- Firewalling Basics
- iptables
- Netfilter Implementation
- Netfilter rule management
- Mitigate Brute Force Login Attempts
- Labs
Response and Mitigation
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
- Physical Security
- Hardware Security
- Understanding the Linux Boot Process
- Labs
Logging
- Logging Overview
- Syslog Services
- The Linux Kernel Audit Daemon
- Linux Firewall Logging
- Log Reports
- Labs
Auditing and Detection
- Auditing Basics
- Understanding an Attack Progression
- Detecting an Attack
- Intrusion Detection Systems
- Labs
Application Security
- Bugs and Tools
- Tracking and Documenting Changes
- Resource Access Control
- Mitigation Techniques
- Policy Based Access Control Frameworks
- Real World Example
- Labs
Kernel Vulnerabilities
- Kernel and User Spaces
- Bugs
- Mitigating Kernel Vulnerabilities
- Vulnerabilities Examples
- Labs
Authentication
- Encryption and Authentication
- Passwords and PAM
- Hardware Tokens
- Biometric Authentication
- Network and Centralized Authentication
- Labs
Local System Security
- Standard UNIX Permissions
- Administrator Account
- Advanced UNIX Permissions
- Filesystem Integrity
- Filesystem Quotas
- Labs
Network Security
- TCP/IP Protocols Review
- Remote Trust Vectors
- Remote Exploits
- Labs
Network Services Security
- Network Tools
- Databases
- Web Server
- File Servers
- Labs
Denial of Service
- Network Basics
- DoS Methods
- Mitigation Techniques
- Labs
Remote Access
- Unencrypted Protocols
- Accessing Windows Systems
- SSH
- IPSEC VPNs
- Labs
Firewalling and Packet Filtering
- Firewalling Basics
- iptables
- Netfilter Implementation
- Netfilter rule management
- Mitigate Brute Force Login Attempts
- Labs
Response and Mitigation
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
- Auditing Basics
- Understanding an Attack Progression
- Detecting an Attack
- Intrusion Detection Systems
- Labs
Application Security
- Bugs and Tools
- Tracking and Documenting Changes
- Resource Access Control
- Mitigation Techniques
- Policy Based Access Control Frameworks
- Real World Example
- Labs
Kernel Vulnerabilities
- Kernel and User Spaces
- Bugs
- Mitigating Kernel Vulnerabilities
- Vulnerabilities Examples
- Labs
Authentication
- Encryption and Authentication
- Passwords and PAM
- Hardware Tokens
- Biometric Authentication
- Network and Centralized Authentication
- Labs
Local System Security
- Standard UNIX Permissions
- Administrator Account
- Advanced UNIX Permissions
- Filesystem Integrity
- Filesystem Quotas
- Labs
Network Security
- TCP/IP Protocols Review
- Remote Trust Vectors
- Remote Exploits
- Labs
Network Services Security
- Network Tools
- Databases
- Web Server
- File Servers
- Labs
Denial of Service
- Network Basics
- DoS Methods
- Mitigation Techniques
- Labs
Remote Access
- Unencrypted Protocols
- Accessing Windows Systems
- SSH
- IPSEC VPNs
- Labs
Firewalling and Packet Filtering
- Firewalling Basics
- iptables
- Netfilter Implementation
- Netfilter rule management
- Mitigate Brute Force Login Attempts
- Labs
Response and Mitigation
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
- Kernel and User Spaces
- Bugs
- Mitigating Kernel Vulnerabilities
- Vulnerabilities Examples
- Labs
Authentication
- Encryption and Authentication
- Passwords and PAM
- Hardware Tokens
- Biometric Authentication
- Network and Centralized Authentication
- Labs
Local System Security
- Standard UNIX Permissions
- Administrator Account
- Advanced UNIX Permissions
- Filesystem Integrity
- Filesystem Quotas
- Labs
Network Security
- TCP/IP Protocols Review
- Remote Trust Vectors
- Remote Exploits
- Labs
Network Services Security
- Network Tools
- Databases
- Web Server
- File Servers
- Labs
Denial of Service
- Network Basics
- DoS Methods
- Mitigation Techniques
- Labs
Remote Access
- Unencrypted Protocols
- Accessing Windows Systems
- SSH
- IPSEC VPNs
- Labs
Firewalling and Packet Filtering
- Firewalling Basics
- iptables
- Netfilter Implementation
- Netfilter rule management
- Mitigate Brute Force Login Attempts
- Labs
Response and Mitigation
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
- Standard UNIX Permissions
- Administrator Account
- Advanced UNIX Permissions
- Filesystem Integrity
- Filesystem Quotas
- Labs
Network Security
- TCP/IP Protocols Review
- Remote Trust Vectors
- Remote Exploits
- Labs
Network Services Security
- Network Tools
- Databases
- Web Server
- File Servers
- Labs
Denial of Service
- Network Basics
- DoS Methods
- Mitigation Techniques
- Labs
Remote Access
- Unencrypted Protocols
- Accessing Windows Systems
- SSH
- IPSEC VPNs
- Labs
Firewalling and Packet Filtering
- Firewalling Basics
- iptables
- Netfilter Implementation
- Netfilter rule management
- Mitigate Brute Force Login Attempts
- Labs
Response and Mitigation
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
- Network Tools
- Databases
- Web Server
- File Servers
- Labs
Denial of Service
- Network Basics
- DoS Methods
- Mitigation Techniques
- Labs
Remote Access
- Unencrypted Protocols
- Accessing Windows Systems
- SSH
- IPSEC VPNs
- Labs
Firewalling and Packet Filtering
- Firewalling Basics
- iptables
- Netfilter Implementation
- Netfilter rule management
- Mitigate Brute Force Login Attempts
- Labs
Response and Mitigation
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
- Unencrypted Protocols
- Accessing Windows Systems
- SSH
- IPSEC VPNs
- Labs
Firewalling and Packet Filtering
- Firewalling Basics
- iptables
- Netfilter Implementation
- Netfilter rule management
- Mitigate Brute Force Login Attempts
- Labs
Response and Mitigation
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
- Preparation
- During an Incident
- Handling Incident Aftermath
- Labs
Kurszeiten
Wer möchte, reist bis 22 Uhr am Vortag an und nutzt den Abend bereits zum Fachsimpeln am Kamin oder im Park.
An den Kurstagen dann von 9-18 Uhr (mit 2 Kaffee- und 1 Mittagspause) etwa 60% Schulungen und 40% Übungen. Selbstverständlich arbeitet jeder Teilnehmer am von uns gestellten Notebook oft parallel zum Referenten mit.
Anschließend Abendessen und Angebote für Fachsimpeln, Ausflüge uvm. Wir schaffen eine Atmosphäre, in der Fachleute sich ungezwungen austauschen. Wer das nicht will, wird zu nichts gezwungen und findet auch jederzeit Ruhe.