Course Description

Red Hat Enterprise Security: Network Services (RHS333) is an intensive course that equips senior system administrators and security professionals with the skills and knowledge required to harden systems against both internal and external attacks. This class advances beyond the essential security coverage offered in the RHCE curriculum and delves more deeply into the security features, capabilities, and how to properly respond to sophisticated security threats aimed at enterprise systems. Students will also cover an in-depth analysis of the ever-changing threat models as they pertain to Red Hat Enterprise Linux. At the end of the four day course, students should be able to design and implement an adequate security profile for critical enterprise systems.

Course Content

Learn how to improve and maintain the security of typical network . Focus on mechanism at the Transport layer or in the OSI network model

• Security services
• Cryptography
• Intrusion Detection and prevention

Unit 1:- The Threat Model and Protection Methods

• Basic types of attacks
• Protection mechanism
• Xen terminology

Unit 2:- Basic Service Security

• SELinux
• Host-based access control
• Firewalls using Netfilter and iptables
• TCP wrappers option
• Advanced xinetd configuration

Unit 3:- Cryptography

• Overview of cryptographic techniques
• Management of SSL certificates
• Using GnuPG
• Network communication vulnerabilities

Unit 4:- BIND and DNS Security

• BIND vulnerabilities
• DNS Security: attacks on DNS
• Access control lists
• Transaction signatures
• Restricting zone transfers and recursive queries
• DNS Topologies
• Bogus servers and blackholes
• Views
• Monitoring and logging
• Dynamic DNS security

Unit 5:- Network Authentication: RPC, NIS, and Kerberos

• Vulnerabilities
• Network-managed users and account management
• RPC and NIS security issues
• Improving NIS security
• Using Kerberos authentication
• Kerberos Encryption

Unit 6:- Network File System

• Overview of NFS versions 2, 3, and 4
• Security in NFS versions 2 and 3
• Improvements in security in NFS4
• Troubleshooting NFS4
• Client-side mount options

Unit 7:- OpenSSH

• Vulnerabilities
• Server configuration and the SSH protocols
• Authentication and access control
• Client-side security
• Port-forwarding and X11-forwarding issues

Unit 8:- Electronic Mail with Sendmail

• Vulnerabilities
• Server topologies
• Email encryption
• Anti-spam mechanisms

Unit 9:- Postfix

• Vulnerabilities
• Security and Postfix design
• Anti-spam mechanisms
• Configuring SASL/TLS

Unit 10:- FTP

• Vulnerabilities
• The FTP protocol and FTP servers
• Logging
• Anonymous FTP
• Access control

Unit 11:- Apache security

• Vulnerabilities
• Access control
• Authentication: files, passwords, Kerberos
• Security implications of common configuration options
• CGI security

Unit 12:- Intrusion Detection and Recovery

• Intrusion risks
• Security policy
• Detecting possible intrusions
• Monitoring network traffic and open ports
• Detecting modified files
• Investigating and verifying detected intrusions
• Recovering from, reporting, and documenting intrusions

EXAM DETAIL OF RH333-:

Exam duration:-RH333 Exam have 2 secession

1st  secession = 3.00hr
2nd  secession = 3.00hr

Exam totally based on practical.

You must have a RHCE Certified and RH333 book.