SA3 E7 Advanced Linux System Administration III Internet Network Services and Security

Similar documents
SA2 v6 Linux System Administration II Net Configuration, Software, Troubleshooting

"Charting the Course... RHCE Rapid Track Course. Course Summary

Linux Administration

Unit 2: Manage Files Graphically with Nautilus Objective: Manage files graphically and access remote systems with Nautilus

Linux for UNIX Administrators

FastTrack to Red Hat Linux System Administrator Course Overview

1 LINUX KERNEL & DEVICES

At course completion. Overview. Audience profile. Course Outline. : 55187B: Linux System Administration. Course Outline :: 55187B::

"Charting the Course... Enterprise Linux System Administration Course Summary

"Charting the Course... MOC B: Linux System Administration. Course Summary

Exam LFCS/Course 55187B Linux System Administration

Part 1 : Getting Familiar with Linux. Hours. Part II : Administering Red Hat Enterprise Linux

Critical Analysis and last hour guide for RHCSA/RHCE Enterprise 7

Red Hat Certified System Administrator (RHCSA) RHCSA 7 Requirements and Syllabus

Enterprise Linux System Administration

Oracle Linux 7: Advanced Administration Ed 1

RedHat Certified Engineer

Red Hat System Administration I - RH124

SUN SOLARIS. Course Catalog

Course 55187B Linux System Administration

Oracle Linux 7: Advanced Administration Ed 1 LVC

"Charting the Course... Enterprise Linux System Administration. Course Summary

CompTIA Linux Course Overview. Prerequisites/Audience. Course Outline. Exam Code: XK0-002 Course Length: 5 Days

Oracle Linux 5 & 6 Advanced Administration

Contents at a Glance COPYRIGHTED MATERIAL. Introduction...1 Part I: Becoming Familiar with Enterprise Linux...7

Community Enterprise Operating System (CentOS 7) Courses

Oracle Linux 7: System Administration Ed 2 Duration: 5 Days

ENTERPRISE LINUX SYSTEM ADMINISTRATION

Oracle Linux 7: System Administration Ed 1

Oracle Linux 7: System Administration Ed 1 LVC

Ubuntu Sever Administration. Duration:40 Hrs

Class 1. Class 2. Class 3

2 SCANNING, PROBING, AND MAPPING VULNERABILITIES

Oracle Linux 7: System Administration Ed 1

Enterprise Linux Network Services (GL275) H7092S

SYLLABUS. Title: Unix Network Administration II

"Charting the Course... Enterprise Linux Security Administration Course Summary

LPI202 - LPIC-2 Exam Prep (Course 2) (LPI202) HL966S

Oracle - Oracle Linux 5 6 System Administration Ed 3

Oracle Linux 7: System Administration Ed 2 NE

RHCSA Rapid Track Course (RH199)

Oracle Linux 5 & 6 Advanced Administration

Oracle Linux System AdministrationNEW

Oracle Linux 5 & 6 System Administration TOD

GL-280: Red Hat Linux 7 Update. Course Description. Course Outline

The table below lists the domains measured by this examination and the extent to which they are represented in the examination.

Oracle Linux 5 & 6 System Administration

CL030 is a csage Certification Preparatory Course!

Linux Bible. Negus, C. Table of Contents ISBN-13: Part I: Getting Started 1 Chapter 1: Starting with Linux 3

Specialized Programme on Internetworking Design and LAN WAN Administration

Course Outline: Linux Professional Institute-LPI 202. Learning Method: Instructor-led Classroom Learning. Duration: 5.00 Day(s)/ 40 hrs.

1Z Oracle Linux 5 and 6 System Administration Exam Summary Syllabus Questions

10972: ADMINISTERING THE WEB SERVER (IIS) ROLE OF WINDOWS SERVER

EX200 EX200. Red Hat Certified System Administrator RHCSA

SysadminSG RHCSA Study Guide

Glossary $PATH pwd A Absolute filename Access control list Anaconda anacron AND Application serve Archiving at Attribute

CIS UNIX System Administration

LPI201 LPIC-2 Exam Prep (Course 1) (LPI201) HL965S

RED HAT ENTERPRISE LINUX 7 BETA

Course 10972B: Administering the Web Server (IIS) Role of Windows Server

PELLISSIPPI STATE COMMUNITY COLLEGE MASTER SYLLABUS LINUX ADVANCED SYSTEM & NETWORK ADMINISTRATION CSIT 2475

example.com index.html # vim /etc/httpd/conf/httpd.conf NameVirtualHost :80 <VirtualHost :80> DocumentRoot /var/www/html/

Prerequisites: Students must be proficient in general computing skills but not necessarily experienced with Linux or Unix. Supported Distributions:

How to Use This Lab Manual

Configuring, Managing, and Maintaining Windows Server 2008 R2 Servers

RH202. Redhat Certified Technician on Redhat Enterprise Linux 4 (Labs) Exam.

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010

Configuring, Managing and Maintaining Windows Server 2008-based Servers (Course 6419)

EX200.Lead2pass.Exam.24q. Exam Code: EX200. Exam Name: Red Hat Certified System Administrator RHCSA. Version 14.0

"Charting the Course B Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Course Summary

Vendor: RedHat. Exam Code: EX200. Exam Name: Red Hat Certified System Administrator - RHCSA. Version: Demo

Linux+ Guide to Linux Certification, Third Edition

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

Linux+ Guide to Linux Certification, Third Edition. Chapter 2 Linux Installation and Usage

H7091S. Prerequisites

MS-10972: Administering the Web Server (IIS) Role of Windows Server

Prepared by Shiba Ratna Tamrakar

Seltestengine EX200 24q

MOC 6232A: Implementing a Microsoft SQL Server 2008 Database

10135: Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

Red Hat.Actualtests.EX200.v by.Dixon.22q. Exam Code: EX200. Exam Name: Red Hat Certified System Administrator (RHCSA) Exam

Prerequisites: General computing knowledge and experience. No prior knowledge with Linux is required. Supported Distributions:

Installing and Configuring Windows Server 2012

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010

Table of Contents. Course Introduction. Table of Contents Getting Started About This Course About CompTIA Certifications. Module 1 / Server Setup

Course No. MCSA Days Instructor-led, Hands-on

Designing Windows Server 2008 Network and Applications Infrastructure

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Mohamed Zaki. Qualifications. Phone : Address: Egypt

10997: Office 365 Administration and Troubleshooting

Module 1: Understanding and Installing Internet Information Services

Course Content of MCSA ( Microsoft Certified Solutions Associate )

Linux for IT Managers and System Administrators Training Workshop

Office 365 Administration and Troubleshooting

Microsoft Configuring, Managing and Maintaining Windows Server 2008

6421A: Configuring and Troubleshooting a Windows Server 2008 Network Infrastructure

20533B: Implementing Microsoft Azure Infrastructure Solutions

LOMBA KETERAMPILAN SISWA

Administering the Web Server (IIS) Role of Windows Server (10972)

TestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified

Transcription:

SA3 E7 Advanced Linux System Administration III Internet Network Services and Security Synopsis: This is a fast paced, level 3, advanced class for experienced administrators of Linux based hosts on a network wanting to clarify security concepts and understand secure configuration issues of network file services (NFS, SMB, FTP), Internet services (DHCP, DNS, HTTP, sendmail), IPv4 and IPv6 networking, advanced LVM, encrypted file system usage, with extensive consideration of SELinux pertaining to secure services. This class builds security related concepts and configuration techniques required to manage a large WAN connected Red Hat Enterprise Linux hosts exposed to the Internet and assumes significant prerequisite knowledge. Duration SA3-E7: 4 Days System Administration III ( SA3-E7) Description: This course is a very fast paced, high level review of the standard file sharing services of Linux and Microsoft systems (NFS, FTP, SMB) with a significant emphasis towards security configuration related to firewall access control and the Secure Environment Linux, SELinux, requirements. Students will review configuring file space using advanced partitioning services of LVM, creating signed RPM packages for network wide secure software deployment, securing common file sharing networking services, synchronized hosts for remote log management, secure Wide Area Network (WAN) service (FTP, NFS, HTTPS, SSH, sendmail) management, SELinux managed process control, advanced Firewall packet filtering, Intrusion Detection and Process Account Reporting, testing of services for compliance, sniffing and port scanning, as well as tips for troubleshooting a damaged, misconfigured or compromised system. This class is not the starting point for anyone new to Linux or UNIX. Students MUST already understand a significant level of knowledge related to Linux file systems, file manipulation utilities and have excellent experience working and administering a Linux based operating system on a live network, preferably Internet facing. NO Beginners Are Expected In This SA3-E7 Course! Prerequisites For SA3-E7: A significant level of Linux and or UN*X experience is required for this course. Including: LAN fundamentals or equivalent; Internetworking with TCP/IP or equivalent. 3+ months of solid hands on experience managing any other type of system is also ideal. SA1 Linux System Administration 1 - Essential Commands and Utilities course ASP-123 Advanced Shell Programming SA2 Linux System Administration 2 - Installation and LAN Configuration Copyright 2000-2015 All Rights Reserved www.linuxcourses.net SA3-1

Follow-on After SA3-E7: Red Hat Architect Courses : RH3xx, RH4xx,.. (RHCA related courses) Students attending SA3-E7 course will learn: Installation, LVM Partitioning for Files and Swap space Secure User Administration for Large Installations Secure Configuration of NFS, SMB and FTP Network File Services Encrypted File System Concepts and Management Configuration of SSL Secured Web Service Synchronization Of Host Logging: syslogd, NTP Hosting Multiple Web Sites Using Virtual Hosts Encryption Utilities Within Administration PGP, SSH Firewall Configuration and Testing: firewalld, firewall-cmd Secure Environment Linux (SELinux) Management Secure Remote Management : SSH Utilizing Kerberos Security With Remote Authentication Services Building and Publishing Signed RPM Packages Establishing Web Site Security Certificate: PGP Scan and Sniff Network Packets : nmap, wireshark Configuring Secure email : postfix Install, Configure and Backup MariaDB version of MySQL Intrusion Detection Option: aide System Account Reporting: sar Troubleshooting Tips and Techniques Copyright 2000-2015 All Rights Reserved www.linuxcourses.net SA3-2

Detailed Outline For Linux SA3-E7 1 Hardware Requirements and Installing Linux Custom Installation For Server Services Selecting Packages, Network, Firewall and SELinux options Using kickstart to automate installation Description of kickstart directives LAB Install a 'Server' configuration Create a kickstart script and test it 2 The Boot Process Grub.conf configuration, Grub Stages and Commands Kernel Initialization, init and Run Level Management : chkconfig Initialization scripts: /etc/inittab, /etc/init.d/*, Shutdown and Reboot Configuring and using the YUM frontend to RPM Basic security settings, Access Control Lists, ACL's Security on files and directories Creating a directory shared by a group of users Pluggable Authentication Modules, PAM, configuration and use Centralized user accounts from NIS and LDAP, client setup Testing Name Services : getent Creating, managing and monitoring file system quotas Configuring GRUB restricted access option Create a public and a group restricted directory Configure limited access using PAM Configure access to NIS and LDAP services for additional users Configure quotas for users and groups 3 File System Management Add, formatting partitions : fdisk, mkfs, ext4, xfs, mkswap Mount, umount and fsck Creating RAID Devices and Volumes Info and Recovery Options For mdadm Flexible File Systems With LVM Creating Physical Volume, Volume Group and Logical Volume Logical Volumes : lvcreate, lvextend, extende2fs Physical Volumes : pvcreate, vgcreate, vgextend Display LVM Information : pvdisplay, vgdisplay, lvdisplay Create, Format, Moun/umount Encryped File System Copyright 2000-2015 All Rights Reserved www.linuxcourses.net SA3-3

Create data and swap partitions Configure a new RAID device, format and make it available after reboot Configure a new LVM device, format and make it available after reboot Extend a logical volume while the logical volume is still active 4 Building And Publishing RPMs Review Internal Contents Of RPM Packages How To Build An Signed RPM For Distribution Create Source Code Tree Build An RPM SPEC File Build YourPackage.rpm Sign and Publish YourPackage.rpm Review An Existing RPM Package SPEC File Build An RPM Package Troubleshoot Building An RPM Package 5 Advanced User Administration User Account Management Tools SUDO Administration LDAP and NIS Remote User Configuration Kerberos Security With LDAP Enabling Remote User AutoMount of Home Directory Configuring SSH Keys On Multiple Hosts Configure Remote Users Connect Remote User Home Directories With autofs Establish Trusted Identities On Remote Hosts With ssh 6 Kernel and SELinux Management Tune Specific Kernel Network Parameters /proc Virtual File System Access, Usage and Control : sysctl Kernel Module Management Understanding and Troubleshooting SELinux HowTo Configure New SELinux Settings Observe modules being loaded by kernel Create and Troubleshoot SELinux errors Copyright 2000-2015 All Rights Reserved www.linuxcourses.net SA3-4

7 Advanced Network Admin Tools Configuring Multiple IP Values Per NIC : IP Alias Configuring A Virtual Bridge Between Virtual Machines Aggregating Multiple Network Adapters Into A Bond Set Configuring Bond Service IPv6 Features and Management Tools Configure Second IP (Alias) Create A Bond Create A Bridge Create and Troubleshoot SELinux errors 8 MariaDB + Secure Virtual Web Services Apache Overview Of Support Apache Server Configuration Server and Namespace Configuration Creating Multiple Virtual Hosts Apache Access Control Using LDAP and.htaccess Apache SELinux Configuration CGI Scripts Implementation and Issues Apache Encrypted Web Server Certificates Installing MariaDB (MySQL Replacement) Back Up And Restore MariaDB Implementing multiple web sites Add password controlled directories Restrict access to non web related directories Use CGI scripts in web pages Install MariaDB, Create Tables and Records Backup and Restore MariaDB Databases 9 Network Services : NTP,FTP,NFS,CIFS File Transfer Protocol (FTP) Network File Service (NFS) Network Time Protocol Configuration (NTP) Samba Services and Daemons (CIFS) Configuring File Sharing and Selective User Access Samba Managing Authentication Methods Printing to the Samba Server Copyright 2000-2015 All Rights Reserved www.linuxcourses.net SA3-5

Samba Syntax checkers: testparm Samba Client Tools: smbclient Admin tools: nmblookup, mount, fstab Firewall Requirements Update FTP service, add NFS and SMB shares Limit access to local net for all shares in firewall 10 DNS + DHCP Configuration DNS-Specific Resolvers Trace a DNS Query with dig, nslookup DNS Basics : Zones, Domains & Delegation Internet DNS and Name Server Hierarchy Client-side DNS, Server-side DNS Berkeley Internet Name Daemon (BIND) Configuring BIND : Configuration File Basics bind-chroot Package Address Match Lists and acl Usage Testing Utilities: named-checkconf, named-checkzone Caching-only Name Server Round Robin Load Sharing through DNS Remote Name Daemon Control (rndc) The DHCP Service Overview Configuring an IPv4 DHCP Server Implement DNS Server, add subdomain, slave to a master domain Provide DHCP Services 11 Electronic Mail Services A Review of Email Services and features Basic sendmail Features Main Configuration Files Security and "Anti-Spam" Features Blacklisting Recipients Generating sendmail Configuration with m4 sendmail Client Configuration Debugging sendmail Using alternatives to Switch MTAs Postfix version of sendmail Using and configuring Postfix Additional postfix Configuration Files Mail Retrieval Protocols Copyright 2000-2015 All Rights Reserved www.linuxcourses.net SA3-6

Basics of procmail for Local Delivery Configuring POP3 and IMAP Configuring Secure POP3S and IMAPS Creating Local Certificate for POP3S and IMAPS Configuring no relay, open email Adding POP3, POP3S, IMAP, IMAPS and certificate Testing email services, configuring procmail 12 Secure Access And Monitoring: Scan + Sniff Overview Why We Monitor Users Using Process and User Monitoring Tools Sniffing Network Connections : wireshark, tcpdump Port scanning Locking Down Network Access With SSH Services Utilizing Secure Inter-Host Utilities Securing Remote Desktop Management The Need For Encryption : Random Numbers Symmetric and Asymmetric Encryption Using PKI : Public Key Infrastructures Digital Certificates SSH Server and Client Configuration Client Key Management Using SSH keys with and without passphrases Configuring Secure Remote Hosts Access 13 Securing The Host: Firewall, IDE, rsyslog, SSH Aide - Intrusion Detection Configuration And Management Process Accounting With System Account Reporter : sar Netfilter Firewall (FW) Overview Firewall Rules: General Considerations Firewall Port Options Firewall Connection Tracking Firewall Network Address Translation (NAT) Secure Tunnelling Using SSH Install and Configure aide Install and Configure sar Securing Local Network Services With A Firewall Tunneling X Applications Through SSH Copyright 2000-2015 All Rights Reserved www.linuxcourses.net SA3-7

14 Troubleshooting Where to start looking for trouble Review common errors of service management Understand new 'single user mode' and Rescue Mode Practice Fixing Misconfigurations Using the chroot command within rescue mode Copyright 2000-2015 All Rights Reserved www.linuxcourses.net SA3-8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback