INSTRUCTOR-LED COURSE

Linux Security (LFS416)

This instructor-led course will walk you through the many risks and threats that exist, show you how to use best practices and other open-source tools to mitigate or counteract those threats, and teach you what you need to know to detect and recover from those attacks that do happen.

Who Is It For

This course is for individuals already experienced in Linux system administration who want to improve their security posture. Before enrolling, you should have a solid understanding of core local system administration and networking concepts, and be experienced with Linux (or more generally UNIX), especially at the command line level.
What You’ll Learn

In this course you will learn how to assess security risks in your enterprise Linux environment, the best techniques and tools to increase security, server hardening, how to deploy and use monitoring and attack detection tools, how to gain visibility into possible vulnerabilities, the art and science of developing your Linux security policy and response strategy, how to configure your systems for compliance with HIPAA, DISA STIG, etc., and more.
What It Prepares You For

This advanced, completely hands-on course adopts a highly technical approach to cover important security techniques and tools. By providing visibility both into attack vectors and possible security holes, this course provides you with a complete guide on how to mitigate security risks in any Linux environment.
Course Outline
Introduction
  • Linux Foundation
  • Linux Foundation Training
  • Linux Foundation Certifications
  • Linux Foundation Digital Badges
  • Laboratory Exercises, Solutions and Resources
  • E-Learning Course: LFS216
  • Distribution Details
  • Labs
Security Basics
  • What is Security?
  • Assessment
  • Prevention
  • Detection
  • Reaction
  • Labs
Threats and Risk Assessment
  • Classes of Attackers
  • Types of Attacks
  • Trade Offs
  • Labs
Physical Access
  • Physical Security
  • Hardware Security
  • Understanding the Linux Boot Process
  • Labs
Logging
  • Logging Overview
  • Syslog Services
  • journald Services
  • The Linux Kernel Audit Daemon
  • Linux Firewall Logging
  • Log Reports
  • Labs
Auditing and Detection
  • Auditing Basics
  • Understanding an Attack Progression
  • Detecting an Attack
  • Intrusion Detection Systems
  • Labs
Application Security
  • Bugs and Tools
  • Tracking and Documenting Changes
  • Resource Access Control
  • Mitigation Techniques
  • Policy Based Access Control Frameworks
  • Real World Example
  • Labs
Kernel Vulnerabilities
  • Kernel and User Spaces
  • Bugs
  • Mitigating Kernel Vulnerabilities
  • Vulnerabilities Examples
  • Labs
Authentication
  • Encryption and Authentication
  • Passwords and PAM
  • Hardware Tokens
  • Biometric Authentication
  • Network and Centralized Authentication
  • Labs
Local System Security
  • Standard UNIX Permissions
  • Administrator Account
  • Advanced UNIX Permissions
  • Filesystem Integrity
  • Filesystem Quotas
  • Labs
Network Security
  • TCP/IP Protocols Review
  • Remote Trust Vectors
  • Remote Exploits
  • Labs
Network Services Security
  • Network Tools
  • Databases
  • Web Server
  • File Servers
  • Labs
Denial of Service
  • Network Basics
  • DoS Methods
  • Mitigation Techniques
  • Labs
Remote Access
  • Unencrypted Protocols
  • Accessing Windows Systems
  • SSH
  • IPSEC VPNs
  • Labs
Firewalling and Packet Filtering
  • Firewalling Basics
  • iptables
  • Netfilter Implementation
  • Netfilter rule management
  • Mitigate Brute Force Login Attempts
  • nft Concepts
  • Labs
Response and Mitigation
  • Preparation
  • During an Incident
  • Handling Incident Aftermath
  • Labs
Compliance testing with OSCAP
  • Compliance Testing
  • SCAP Introduction
  • OpenSCAP
  • SCAP Workbench
  • Command Line Scan
  • Labs
Closing and Evaluation Survey

Learning Path
To make the most of this course, you should:

  • Have a solid understanding of core local system administration and networking concepts equivalent to that obtained from LFS301 Linux System Administration and LFS311 Linux Networking and Administration.
  • Be experienced with Linux (or more generally UNIX), especially at the command line level.