This course is using an outdated version of the technology and is now considered to be Legacy content. It will be removed from our catalog on June 28, 2024. Please be sure to complete your course and finish any remaining labs before that date. We recommend moving to version 9.2, which is the latest version currently available.
Abstract
| Goal | Review tasks from Red Hat Security: Linux in Physical, Virtual, and Cloud |
| Objectives | |
| Sections | |
| Lab | |
After completing this section, students should have reviewed and refreshed the knowledge and skills learned in Red Hat Security: Linux in Physical, Virtual, and Cloud.
Before beginning the comprehensive review for this course, students should be comfortable with the topics covered in each chapter.
Students can refer to earlier sections in the textbook for extra study.
Chapter 1, Managing Security and Risk
Define strategies to manage security on Red Hat Enterprise Linux servers.
Describe the fundamental concepts of security management for Red Hat Enterprise Linux servers, how to approach the security management process, and how Red Hat's development process and security response practices help.
Review simple recommended practices to improve the security of a server system.
Chapter 2, Automating Configuration and Remediation with Ansible
Remediate configuration and security issues automatically with Ansible Playbooks.
Describe the benefits of automation tools for managing security, install and configure an Ansible control node, and configure systems so that they can be managed by Ansible.
Read and interpret an existing Ansible Playbook, and run it in order to apply its plays to hosts as specified by the plays and the current Ansible inventory.
Run playbooks and manage access to authentication credentials using Red Hat Ansible Tower.
Chapter 3, Protecting Data with LUKS and NBDE
Encrypt data on storage devices with LUKS, and use NBDE to manage automatic decryption when servers are booted.
Create encrypted storage devices with LUKS, and manually open and mount storage on LUKS-encrypted devices.
Manage decryption policy, and automatically decrypt storage when specified conditions are met, using NBDE.
Chapter 4, Restricting USB Device Access
Protect systems from rogue USB device access with USBGuard.
Configure and use USBGuard in order to selectively control USB device access.
Chapter 5, Controlling Authentication with PAM
Manage authentication, authorization, session settings, and password controls by configuring Pluggable Authentication Modules (PAM).
Explain how PAM works and interpret the effect of settings in existing PAM configuration files.
Configure authentication by updating the PAM files, and explain recommended practices for modifying and managing PAM configuration files.
Implement password quality requirements using pam_pwquality and authconfig.
Implement account locking after a specified number of failed logins.
Chapter 6, Recording System Events with Audit
Record and inspect system events relevant to security by using the Linux kernel's Audit subsystem and supporting tools.
Ensure Audit is installed and configured to record system events, and forward audit messages to a central audit server.
Search for events and generate reports from the audit log and interpret the results.
Write your own audit rules to configure the system to collect information about particular events.
Enable standard audit rule sets provided with Red Hat Enterprise Linux and identify potentially useful rule sets.
Chapter 7, Monitoring File System Changes
Detect and analyze changes to a server's file systems and their contents by using AIDE.
Detect and identify changes to files on a system that has AIDE installed, and manage AIDE checks and the AIDE detection database.
Investigate causes of file system changes reported by AIDE by using Linux Audit tools.
Chapter 8, Mitigating Risk with SELinux
Improve security and confinement between processes by using SELinux and advanced SELinux techniques and analysis.
Configure SELinux in Enforcing mode on a server that has been running with SELinux disabled.
Limit user access to the system and the root account by configuring them as confined users.
Examine a system's SELinux policy to evaluate the access it permits, and to troubleshoot and resolve issues.
Chapter 9, Managing Compliance with OpenSCAP
Evaluate and remediate a server's compliance with security policies by using OpenSCAP.
Explain what OpenSCAP is and how it works, and install OpenSCAP tools and SCAP Security Guide content on a server.
Evaluate a server's compliance with the requirements specified by a policy from the SCAP Security Guide using OpenSCAP tools.
Create a tailoring file to adjust the policy's security checks so that they are relevant and correct for a specific system and its use case.
Run Ansible Playbooks, provided with the SCAP Security Guide's content, to remediate compliance checks that failed an OpenSCAP scan.
Chapter 10, Automating Compliance with Red Hat Satellite
Automate and scale your ability to perform OpenSCAP compliance checks and remediate compliance issues using Red Hat Satellite.
Configure an existing Red Hat Satellite to perform OpenSCAP scans of registered servers.
Perform OpenSCAP scans of registered systems from the Red Hat Satellite interface and evaluate the results of those scans.
Apply a tailoring file to a SCAP profile in Red Hat Satellite and use the customized SCAP policy to scan registered servers.
Chapter 11, Analyzing and Remediating Issues with Red Hat Insights
Identify, detect, and correct common issues and security vulnerabilities with Red Hat Enterprise Linux systems by using Red Hat Insights.
Explain what Red Hat Insights is and how it complements OpenSCAP, and register a Red Hat Enterprise Linux server with Red Hat Insights.
Review and interpret issue reports provided by Red Hat Insights in your Red Hat Satellite web interface.
Remediate issues reported by Red Hat Insights using Red Hat Ansible Engine and Red Hat Ansible Tower integration with Red Hat Satellite.