Course Content
Installations -Network - VNC - Kickstart
- Discuss features of RedHat Enterprise Linux 6
- Create HTTP installation source tree
- Explore installation options
- Install via HTTP - Text Mode
- Perform VNC Install
- Graphical installation
- Kickstart, automated installation
- Use Rescue Mode
- Explore Single-User Mode
- Discuss INIT - Upstart facilities
Explore Requisite Shell Utilities
- 'pwd', 'touch', 'stat', 'ls', 'id'
- 'echo', 'cat'
- 'cp' - copy files
- 'mv' - move files throughout the file system
- 'tty' - Discuss terminals
- 'tar' - explore features and advantages of tarballs
- 'gzip', 'bzip2', 'zip' - Compress content
- 'md5sum', 'sha1sum', 'sha256sum', 'sha512sum' - checksums
- 'file' - discuss logic used to ascertain file type
- 'find' - single and multiple expressions and criteria
- Use 'w' commands
- 'ps' - explore process lists
- free & top - explore process management with top
- Process lines with: 'grep'
- Process fields with: 'awk'
- Explore 'sed' - streams processing
- Basics of: 'perl'
- User and group management concepts
Permissions - Symlinks - Quotas - File System Management
- Explain Discretionary Access Controls (DAC) file system permissions
- Manipulate DAC permissions
- Create Symbolic links
- Implement file system quotas
- Use 'parted' and 'fdisk' to manipulate partitions
- FSTAB - explore File System Table
- Allocate swap storage
- Logical Volume Management (LVM) - Discuss concepts and applications
- Allocate partitions for usage with LVM
- Create Physical Volumes
- Create Volume Groups based on Physical Volumes
- Create Logical Volumes based on Volume Groups
- Mount and use LVM Volumes
- Resize LVM Volumes
- Generate RAID volumes
- Evaluate results
RPM | YUM Package Management
- Query existing packages & file-based packages
- Identify offline and online package repositories
- Install packages
- Upgrade packages
- Remove packages
- Create YUM repositories
- Manage packages using YUM
- Configure redundant YUM repositories
- Explore Package Kit - GUI
CRON - System Scheduler
- Explore Cron Implementation
- Explain scheduler
- Global and scope-based Cron options
- Schedules jobs to run & examine the output
- Configure individual Crontab entries
- Explore 'at' & 'batch' usage
RSYSLOG and Logrotate
- Discuss rsyslog facilities & levels
- Configure TCP listener
- Log Cisco router events to rsyslog server
- Explore log rotation
Network Utilities
- PING
- Use Telnet to test TCP ports
- Explore Netstat socket listings
- Use arp to enumerate layer-2 neighbors
- LFTP - basic usage, job control
- LFTP - mirror and reverse mirror content
- LFTP - batch, non-interactive, scripted mode
- Explore: 'wget', 'curl' & 'ssh'
Network Interface Configuration
- Discuss concepts
- Identify key files & scripts
- Explore: IPv4 & IPv6 configuration
- Configure aliased interfaces
- Provision additional NIC
- Evaluate results
Very Secure File Transfer Protocol Daemon (VSFTPD)
- Concepts & Applications
- Explore configuration directives
- Disable anonymous access
- Source connections to VSFTPD
RSYNC
- Discuss features
- Synchronize inter-server content
- Evaluate
Trivial File Transfer Protocol Daemon (TFTPD)
- Concepts & Applications
- Install and configure
- Archive Cisco router configuration
- Use 'tftp' client to move data
- Discuss caveats
TELNETD
- Concepts & Applications
- Enable via XINETD
- Source connections to TELNETD
NTPD
- Explain NTP hierarchy
- Configure time sources
- Synchronize internal resources via NTP
- Evaluate results
Dynamic Host Configuration Protocol (DHCPD)
- Configure exclusive broadcast domain
- Install and configure DHCPD
- Implement reservations
- Examine client configuration
- Evaluate results
Domain Name System (DNS) - BIND
- Configure BIND as a caching-only DNS server
- Implement Master DNS Zones
- Configure Master/Slave Zones with peer
- Evaluate results of BIND configuration
- Configure IPv4 reverse support
- Configure IPv6 forward & reverse support
- Resolve queries - compare & contrast client resolvers
Network File System (NFS) Implementation
- Implement NFS Server
- Export shares and discuss options
- Mount NFS exports on remote Linux Host
- Implement AutoFS
Samba Implementation
- Implement Linux & Windows Integration via Samba
- Use key Samba clients
- Explore Samba Configuration files
- Install Samba Server support
- Configure Samba file sharing
- Configure Samba-Active Directory Integration with Winbind
- Evaluate results
Apache Web Server Implementation
- Explore Apache configuration tree
- Peruse log configuration variables
- Configure IP-based Virtual Hosts
- Configure Name-based Virtual Hosts
- Implement Apache logging system per virtual host
MySQL Relational Database Management System
- Install MySQL Relational Database Management System
- Secure access to MySQL
- Explore MySQL monitor shell-based interface
- Create sample MySQL database
- Populate with data and execute queries
- Discuss key SQL DML Commands
- Evaluate results
PHP
- Discuss features and benefits
- Install Apache | MySQL Support
- Write data-retrieval script
- Execute & debug
- Evaluate results
SELinux Intro
- Discuss Concepts & Applications
- Explore default configuration
- Identify key tools
- Expose SELinux subject | object labels
- Enable SELinux-restricted functions on key services
- Auto-relabel the file system
- Copy & Move data & evaluate ramifications
- Evaluate results
NMAP - Reconnaisance and Risk Assessment Tool
- Discuss features & benefits
- Install via YUM
- Identifiy key NMAP configuration files
- Identify commonly used NMAP options/switches/parameters
- Perform service identification
- Perform local & remote service risk exposure scans
IPTABLES - Firewall
- Concepts & Applications
- Explore default tables and chains
- Define and test INPUT chain rules
- Define and test OUTPUT chain rules
- Explain IPTABLES default chains/filters and policies
- Filter traffic based on Layers 3|4
- Test connectivity
- Evaluate IPTables6 (IPv6) support
- Write IPv6 rules
- Archive | Restore firewall rules
TCPDump
- Concepts & Applications
- Capture broad-based traffic
- Narrow scope with Berkeley Packet Filters (BPFs)
- Parse captured traffic
- Evaluate results
Apache SSL
- Features & Benefits
- Explore default configuration
- Generate usage keys for virtual hosts
- Apply usage keys to virtual hosts & test configuration
- Use 'tcpdump' to intercept clear-text & encrypted traffic
- Compare and contrast capture results
VSFTPD - SSLFeatures & Benefits
- Reference SSL|TLS usage keys
- Configure VSFTPD to support SSL|TLS exclusively
- Evaluate connectivity with: LFTP & FileZilla
- Liberate server configuration with hybrid approach
- Capture FTP clear-text & encrypted traffic with: 'tcpdump'
- Compare & contrast packet dumps
- Evaluate results
Enhance Security Posture
- Rationalize consequences (pros|cons) of lean presence
- Discuss compliance benefits
- Use 'nmap' to identify superfluous services: local & remote perspectives
- Mitigate risk by reducing exposure
- Loopback candidate daemons
- Perform post-mitigation reconnaisance with'nmap'
- Document baseline configuration
- Evaluate Results
