Training: Linux Security - SELinux and auditd (English) (Virtual)
Teaching method:
Virtual
General:
SELinux, Security Enhanced Linux, is an additional security layer for Linux and is standard on Enterprise Linux variants such as Red Hat Enterprise Linux, AlmaLinux, RockyLinux, and OracleLinux.
For many administrators, SELinux can be a challenging security measure to implement and is often wrongly disabled. With increased cyber threats, actively using SELinux is recommended and is often required by organizational security policies.
In this course, the basic concepts of SELinux are explained, and it is discussed how SELinux can be correctly configured and used in standard daily practice. To be able to solve SELinux-related problems, the course also delves into investigating SELinux log information and teaches, through practical exercises, how to resolve issues.
In addition to active measures such as using SELinux, the detection of potentially malicious changes is becoming increasingly important. Changes to Linux and application configurations can be monitored using the Linux Audit Daemon, auditd. Through practical exercises, the course focuses on how these changes can be recorded in Linux Audit Daemon log files and explains how this complex log information can be read and interpreted. Since SELinux also reports through the Linux Audit Daemon, this course will also help you better understand detailed SELinux log information.
Objective:
After this course you will have basic knowledge of SELinux and the Linux auditing system auditd.
Target audience:
Linux sysadmins, Linux support specialists, developers.
Prerequisites:
Basic knowledge of and experience with the text-oriented command line interface is required, at least at the level of the Linux/Unix Fundamentals course.
Topics:
- SELinux - introduction.
- SELinux - alternatives.
- Use of the SELinux modes (Enforcing, Permissive, Disabled) and SELinux policy types (Targeted, Minimum and MLS/MCS).
- Daily use and management of SELinux.
- Updating the standard SELinux policy.
- SELinux troubleshooting.
- Usage of SELinux confined users.
- Linux auditd - introduction.
- Use and interpretation of auditd log files.
- Introduction to auditd rule creation.
- Introduction to auditd logging.
