SMT

Resource

Center

 

Coming Soon

Security Management Technology Center Develop Elearning, FAQ , New Center...

SMT BLOG
E12D21D86 Security is always a concern, and with major security holes like Shellshock and Heartbleed being announced regularly, it’s more critical than ever to secure the data you are liable for. This course will walk you through the many risks and threats that exist, show you how to use best practices and other open-source tools to mitigate or counteract those threats, and teach you what you need to know to detect and recover from those attacks that do happen.

Audience

Any professional IT manager and administrator should benefit from this course. Software developers who need to improve their knowledge of security concepts and strategies will also find a great deal of information that applies to their responsibilities.

Course Materials

As part of your registration, a printed copy of the course manual will be course manual will be provided. If you are attending in person the material will be available onsite on the day the class begins. If you are attending virtually it will be mailed to you the week prior to the class. Please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. if you haven't received it 2 business days prior to the start of class.

 

Course Outline

Linux Security

  1. Introduction
    • Linux Foundation
    • Linux Foundation Training
    • Logistics
  2. Introduction to Security
    • What is Security
  3. Threats and Risk Assessment
    • Types of Attacks
    • Trade Offs
  4. Physical Access
    • Physical Security
    • Hardware Security
    • Understanding the Linux Boot Process
  5. Logging
    • Logging Overview
    • Syslog Services
    • The Linux Kernel Audit Daemon
    • Linux Firewall Logging
    • Log Reports
  6. Auditing and Detection
    • Auditing Basics
    • Understanding an Attack Progression
    • Detecting an Attack
    • Intrusion Detection Systems
  7. Application Security
    • Bugs, Beetles, and More
    • Tracking and Documenting Changes
    • Resource Access Control
    • Mitigation Techniques
    • Policy Based Access Control Frameworks
    • Real World Example
  8. Kernel Vulnerabilities
    • Kernel and User Spaces
    • Bugs
    • Mitigating Kernel Vulnerabilities
    • Vulnerabilities Examples
  9. Authentication
    • Encryption and Authentication
    • Passwords
    • Hardware Tokens
    • Biometric Authentication
    • Network and Centralized Authentication
  10. Local System Security
    • Standard UNIX Permissions
    • Administrator Account
    • Advanced UNIX Permissions
    • Filesystem Integrity
    • Filesystem Quotas
  11. Network Security
    • TCP/IP Protocols Review
    • Remote Trust Vectors
    • Remote Exploits
  12. Network Services Security
    • Network Tools
    • Databases
    • Web Server
    • File Servers
  13. Denial of Service
    • Network Basics
    • DoS Methods
    • Mitigation Techniques
  14. Remote Access
    • Unencrypted Protocols
    • Accessing Windows Systems
    • SSH
    • IPSEC VPNs
  15. Firewalling and Packet Filtering
    • Firewalling Basics
    • Netfilter (IPTables)
    • Netfilter Implementation
    • Mitigate Brute Force Login Attempts
  16. Response and Mitigation
    • Preparation
    • During an Incident
    • Handling Incident Aftermath
  17. Conclusion