Description
Mastering Security-Enhanced Linux (SELinux) course. This course will help you understand and use SELinux. SELinux is a valuable addition to the standard Linux security options that secure your Linux distribution. This course starts with the basics of SELinux and covers more advanced topics such as SELinux and Multi-Level Security (MLS) and Multi-Class Security (MCS) and managing SELinux with Ansible. It also has in-depth coverage of SELinux in containerized environments. This course has labs during the training so that you can see SELinux in real-time and practice while learning. The main features of the course are:
- Understand when and how SELinux is needed
- Learn how to troubleshoot SELinux issues
- Make your application SELinux compliant
- Implement military-grade security using SELinux MLS and MCS
- This course is also a complete resource for students who want to fully understand SELinux while preparing for any exam related to Red Hat Enterprise Linux, as well as developers and application administrators who want to use SELinux. achieve the highest possible level of security.
What you will learn:
- SELinux Basics: Covers basic concepts such as mandatory access control, how to enable SELinux, understanding context tags, managing context tags, and how to use booleans.
- SELinux Analysis: Teaches how to analyze SELinux by covering troubleshooting and showing how to analyze booleans and rules.
- Using Custom Programs with SELinux: Shows custom programs with SELinux and covers how to work with SELinux modules and how to make each program SELinux compliant.
- Military Grade Security with SELinux and MLS Users: Provides three lessons on the best kind of protection and security that SELinux offers. It covers how SELinux is used in military organizations, as well as topics related to SELinux users, how to manage multi-level security, and how to use multi-level security.
- Configuring SELinux for Containers: Describes how to fully secure a containerized environment by adding SELinux.
- Managing SELinux with Ansible: Covers how to secure containers with SELinux and how to manage SELinux with Ansible.
This course is suitable for people who:
- DevOps Engineers
- DevSecOps Engineers
- Software developers
- the manager
Course details
- Publisher: Oreilly
- teacher: Sander van Vugt
- Training level: beginner to advanced
- Training duration: 5 hours 21 minutes
Course headings
- Introduction
- Mastering Security-Enhanced Linux (SELinux): Introduction
- Module 1: SELinux Fundamentals
- Module introduction
- Lesson 1: Mandatory Access Control
- Learning objectives
- 1.1 Working of SELinux
- 1.2 Requiring Mandatory Access Control
- 1.3 Understanding SELinux and Discretionary Access Control
- Lesson 1 Lab Exploring SELinux Settings
- Lesson 1 Lab Solution Exploring SELinux Settings
- Lesson 2: Enabling SELinux
- Learning objectives
- 2.1 Managing States and Modes on Red Hat
- 2.2 Installing SELinux on Ubuntu
- 2.3 Understanding Policies
- Lesson 2 Lab Managing SELinux States
- Lesson 2 Lab Solution Managing SELinux States
- Lesson 3: Understanding Context Labels
- Learning objectives
- 3.1 Showing Context Labels
- 3.2 Understanding When to Set Context Labels
- 3.3 Using the audit log to examine issues
- 3.4 Understanding Context Inheritance
- Lesson 3 Lab Examining SELinux events
- Lesson 3 Lab Solution Examining SELinux events
- Lesson 4: Managing Context Labels
- Learning objectives
- 4.1 Finding the Right Context
- 4.2 Setting Context on Files
- 4.3 Setting Context on Ports
- 4.4 Using Customizable Types
- 4.5 Configuring a Non-default Apache DocumentRoot
- Lesson 4 Lab Running SSH on Port 443
- Lesson 4 Lab Solution Running SSH on Port 443
- Lesson 5: Using Booleans
- Learning objectives
- 5.1 Understanding Booleans
- 5.2 Using Booleans
- 5.3 Finding Booleans
- Lesson 5 Lab Configuring vsftpd for Anonymous Uploads
- Lesson 5 Lab Solution Configuring vsftpd for Anonymous Uploads
- Module 2: Analyzing SELinux
- Module introduction
- Lesson 6: Troubleshooting SELinux
- Learning objectives
- 6.1 Troubleshooting SELinux Issues
- 6.2 Understanding the Audit Logs
- 6.3 Understanding Dontaudit Rules
- 6.4 Using audit2allow
- 6.5 Using sealert
- 6.6 Loading SELinux Manually
- Lesson 6 Lab Troubleshooting SELinux
- Lesson 6 Lab Solution Troubleshooting SELinux
- Lesson 7: Analyzing Booleans and Rules
- Learning objectives
- 7.1 Analyzing the Policy
- 7.2 Terminology
- 7.3 Using sesearch
- 7.4 Using seinfo
- 7.5 Finding What a Domain Can Do
- 7.6 Analyzing Booleans
- 7.7 Analyzing Transition Rules
- Lesson 7 Lab Investigating Booleans
- Lesson 7 Lab Solution Investigating Booleans
- Module 3: Using Custom Applications with SELinux
- Module introduction
- Lesson 8: SELinux Modules
- Learning objectives
- 8.1 Managing Modules
- 8.2 Writing Custom Modules
- 8.3 Generating Custom Modules
- Lesson 8 Lab Enabling your Application with Modules
- Lesson 8 Lab Solution Enabling your Application with Modules
- Lesson 9: Making Any Application work with SELinux
- Learning objectives
- 9.1 Understanding Options for Running Custom Applications
- 9.2 Using Unconfined Domains
- 9.3 Using run-on to Run Applications with a Specific Context
- 9.4 Using sepolgen to generate Application Policy Modules
- Lesson 9 Lab Running any Application on an SELinux System
- Lesson 9 Lab Solution Running any Application on an SELinux System
- Module 4: Military Grade Security with SELinux users and MLS
- Module introduction
- Lesson 10: SELinux Users
- Learning objectives
- 10.1 Understanding Users and Roles
- 10.2 Mapping Linux Users to SELinux Users
- 10.3 Using Booleans to Manage SELinux Users
- 10.4 Restricting Root
- Lesson 10 Lab Creating a Kiosk User
- Lesson 10 Lab Solution Creating a Kiosk User
- Lesson 11: Using Multi-Level Security (MLS)
- Learning objectives
- 11.1 Understanding MLS and MCS
- 11.2 Enabling an MLS Policy
- 11.3 Creating a user with a Clearance Level
- 11.4 Understanding What Needs to be done on Directories
- Lesson 11 Lab Using MLS
- Lesson 11 Lab Solution Using MLS
- Lesson 12: Using Multi-Category Security (MCS)
- Learning objectives
- 12.1 Understanding MCS
- 12.2 Grouping Users and Applications with MCS
- 12.3 Combining MLS and MCS
- Lesson 12 Lab Configuring MCS
- Lesson 12 Lab Solution Configuring MCS
- Module 5: SELinux, Containers, and Ansible
- Module introduction
- Lesson 13: SELinux and Containers
- Learning objectives
- 13.1 Understanding Container SELinux Needs
- 13.2 Configuring Container Storage Access
- 13.3 Using udica to Configure Container Access
- Lesson 13 Lab Configuring SELinux for Containers
- Lesson 13 Lab Solution Configuring SELinux for Containers
- Lesson 14: Using Ansible to Manage SELinux
- Learning objectives
- 14.1 Using SELinux Ansible modules
- 14.2 Using the RHEL System Role to Manage SELinux
- Lesson 14 Lab Using Ansible to manage SELinux
- Lesson 14 Lab Solution Using Ansible to manage SELinux
- Summary
- Mastering Security-Enhanced Linux (SELinux): Summary
Course prerequisites
- Install and configure a lab environment. This can be a Linux virtual machine that runs in virtualization software on the participants own computer, using software like VMware Workstation or Oracle VirtualBox, or on a dedicated computer. https://learning.oreilly.com/videos/red-hat-certified/9780134723990/
- Install a virtual or physical machine with a recent version of either Red Hat Enterprise Linux, CentOS Stream, Rocky Linux or Fedora.
Course images
Sample video of the course
Installation guide
After Extract, view with your favorite Player.
Subtitle: None
Quality: 720p
download link
File(s) password: www.downloadly.ir
Size
944 MB
Be the first to comment