SUMMARY:
Critical Success Factor: To satisfactorily cope with the day-to-day security administration of a multi-user UNIX site, understand security issues and be able to define security policies in an enterprise-level multi-server environment.
AUDIENCE:
Security administrators, auditors and others who need to understand all aspects of security in a UNIX environment. This course assumes no prior knowledge of UNIX.
PREREQUISITES:
Attendees should be IT literate with a good understanding of similar topics in another operating environment.
APPROACH:
The course is highly interactive and consists of theory with plenty of hands-on practical content. A dedicated server will be used so that the more complex commands and security administration utilities can be practised in the security of a classroom environment.
OBJECTIVES:
To provide staff new to UNIX with an extensive insight into all issues connected with security in a UNIX environment. Whilst this course covers many aspects of the UNIX operating environment itself, network security is considered to be a separate issue.
COURSE CONTENT:
- Introduction
- Why do Users Choose UNIX?
- An Operating System
- The UNIX Operating System
- Components of the UNIX Operating System
- Organization of a UNIX System
- The Kernel
- The Filesystem
- The Shell
- User Interfaces
- Terminal based interface
- The Command Processor
- Utilities
- Windows based Interfaces
- Using a Graphical Interface
- Distributed Environments and Client/Server
- Networking
- Unix Basics and Getting Help
- Logging On
- Accessing the UNIX Command Line
- Format of UNIX Commands
- Getting Help
- Internet Based Help
- Setting and Changing the Password
- Understanding the UNIX Filesystem
- Structure of a UNIX Filesystem
- Identifying Files and Directories
- The Home Directory
- Moving Around the Filesystem
- Listing Directory Contents
- Creating Directories
- Removing Directories
- Displaying Files
- Copying Files and Directories
- Moving / Renaming Files & Directories
- Removing Files
- Useful Commands for Security Administrators
- Grep
- Regular Expressions
- Who is on the System
- Find & Locate Files by Type
- Sort or merge Files
- sed (Stream Editor)
- Process, What is a?
- Process, Report Status
- Process, kill a
- Controlling Access to the System
(Users and account management, types of access)
- Logon Accounts
- Client/Server Users
- Files used to control user access
- Controlling Access to Files and the Filesystem
- File System Permissions
- Change mode
- Symbolic Notation
- Octal Notation
- Change owner
- Change group
- Default Creation Mode (umask)
- Access Control Lists
- Security and the different 'flavors' of UNIX
- Principal Differences for the Main Vendor versions of UNIX:
- AIX (IBM)
- Solaris (Sun Microsystems)
- HP/UX (Hewlett Packard)
- LINUX (Available in Various Distributions inc. Red Hat, SuSE etc)
- Controlling Access to the root account and other privileged services
- The su command
- Use of Roles
- Privileged Commands Available Only via Group Membership
- Dangerous Commands (and why they are sometimes needed)
- Bulk removal of Files
- Change Owner
- Change Group
- SUID and SGID bits
- Backing Up and Securing the System
- Common Utilities Available on All Systems:
- tar
- cpio
- pax
- System Specific Utilities:
- Monitoring Security Issues on the System
- Root Access
- User Access
- Network Access
- Removal of Unnecessary Processes
- Monitoring for Unusual or Unauthorised Usage
- Monitoring for Attempted Introduction of Trojan Horses, etc
- Monitoring for Unexpected File Permission Changes
- Best Practice Procedures
- Things to Avoid
- Physical Security
- Password Control
- Additional Topics:
- The Standard UNIX Editor (vi)
- Printing
GN/06

© 2007 Verhoef Training, Inc.