Administering Security on the Solaris[tm] 8 Operating Environment( SC-300 )
| Course Description |  |
The Administering Security on the Solaris[tm] 8 Operating Environment course provides students with the skills to implement, administer, and maintain a secure Solaris Operating Environment (OE).
| Course details |
| id:
SC-300 |
| duration:
5 days
| | list price: $
2795.00 |
|
Who Can Benefit |
|
Solaris system administrators and Solaris security administrators with responsibility for administering one or more homogeneous Solaris OE systems or administering security on one or more Solaris OE systems
|
Prerequisites |
|
To succeed fully in this course, students should be able to:
Demonstrate basic Solaris OE system and network administration skillsInstall the Solaris OEAdminister users, printers, file systems, networks, and devices on the Solaris OEDemonstrate a basic understanding of Transmission Control Protocol/Internet Protocol (TCP/IP) networking
|
Skills Gained |
|
Upon completion of this course, you should be able to:
Describe security terminology and common forms of security attackUse Solaris OE logging and auditing to identify actual and potential security attacksSecure a Solaris OE host against user and network attacksUse tools such as Titan and SAINT to improve system security
|
Related Courses |
|
Before: SA-399: Network Administration for the Solaris 9 Operating EnvironmentAfter: SC-345: Solaris Network Intrusion Detection
|
Course Content |
|
Describe basic system security, its manifestations, and the sources and implications of poor securityExplain what security means in computing termsExplain why system security is importantRecognize security terminologyIdentify different types of security violationDescribe the most likely sources of security violationsDescribe the need for security policyRecognize the difference between prevention of security violations and fixing after the eventExplain how to obtain and build third-party security tools
Locate and interpret Solaris OE standard log filesUse log files to form an audit traiLConfigure and use the syslogd daemonConfigure and use the Solaris OE process monitoring control toolsUse third-party process monitoring toolsConfigure and use UNIX® accounting tools
|
Module 3 - The Solaris OE Basic Security Module |
Back To Top
|
Implement auditing using the Solaris OE Basic Security Module (BSM)Use the BSM to log user and kernel eventsLocate and configure the necessary administrative files to implement device allocation functionalityAllocate and de-allocate shared devices
Recognize and detect the following common security attacks and list at least two consequences of each: Trojan horsesBack door attacksDoS attacksDescribe how attackers can use a rootkit to cover their tracks
|
Module 5 - Administering User Accounts Securely |
Back To Top
|
Explain how to add, maintain, and delete user accounts securelyAdminister login accounts with special requirementsDescribe how to make special user accounts more secureConfigure restricted shell accounts
List at least two measures that constitute good password practiceConfigure and use the password-cracking tool crack
Configure and use Role Based Access Control (RBAC)Configure and use the sudo utility
Set secure file permissions and ownershipsDescribe the security implications of using set-user-id (SUID) programsDescribe the security implications of setting sticky bits on directoriesConfigure and use access control lists (ACLs)Encrypt data using the crypt commandDescribe the security implications of device filesDescribe common security issues with backup and restore strategies
Describe the role of file system auditingDescribe how file system auditing tools such as TripWire can secure your systemDescribe the purpose of Solaris OE Fingerprint Database
Describe the term "network sniffing"Describe use of common sniffer toolsDescribe common network service attacksDescribe network DoS attacks
Describe the basic aspects of the Secure Sockets Layer (SSL) Explain why SSL is required, and what it doesConfigure secure communications between hosts using IPsec
Apply SAINT to improve network securityInstall SAINT and launch probes using the SAINT graphical user interfaceConfigure SAINT using the configuration fileInterpret SAINT reportsUse the Courtney scanning tool to detect SAINT-type attacks
Configure network services such as telnet and FTPConfigure remote access using rlogin and rshExplain the role of chroot for enhanced securityConfigure Anonymous FTPDescribe the role of authentication toolsConfigure and use PAMDisable the use of rhosts filesDescribe the Sun Enterprise Authentication Mechanism and the Kerberos 5 protocol
List at least two reasons for hardening a systemDescribe the role of Titan in a secure systemInstall and configure TitanWrite a Titan moduleConfigure and use the Automated Security Enhancement Tool (ASET)
|
Module 15 - Authenticating Network Services |
Back To Top
|
Explain how to authenticate network clientsInstall and configure TCP wrappersMonitor the use of telnet, FTP, and other utilities with TCP wrappersUse TCP wrappers to control network access to the system
Identify the benefits of the secure shellInstall and configure the secure shellUse the secure shell
Justify the need for physical system security and define measures that enhance the physical system securityExplain the potential weak points in a physical networkDisable the STOP-A keyExplain the role of the EEPROM password and security modes
|
Module 18 - Connecting the Enterprise to the Outside World |
Back To Top
|
Explain the importance and role of firewalls, proxy servers, and other enterprise network security componentsDescribe ongoing security tasksExplain the role of security auditsList common sources of security information |
