Polaznici će steći praktično iskustvo kako administrirati SUSE Linux Enterprise Server 10 u širokom rasponu područja od sigurnosti na razini računala do sigurnosti na razini mrežne pomoću sustava Novell AppArmor, filtriranje mrežnih paketa i VPN.

Cilj:
Naučene vještine na tečaju SUSE Linux Enterprise Server 10: Security (tečaj 3075) omogućuju:
- instaliranje i administriranje računala za sigurno pokretanje SUSE Linux Enterprise Server 10
- konfiguriranje Novell AppArmor
- stvaranje certifikata i certifikacijske vlasti.
- postavljanje filtera za mrežne pakete, pristupnika na razini aplikacije i pristupnika za VPN

Sadržaj seminara:

Section 1: General Considerations and Definition of Terms
- Create a Security Concept
- Understand Frequently Used Terms

Section 2: Host Security
- Limit Physical Access to Server Systems
- Partitioning and File System Security
- Limit the Installed Software Packages
- Configure Security Settings With YaST
- Stay Informed about Security Issues
- Apply Security Updates
- Test and Document the Configuration
- Use Logging and Accounting

Section 3: Novell AppArmor
- Improve Application Security with AppArmor
- Create and Manage AppArmor Profiles
- Control AppArmor
- Monitor AppArmor

Section 4: Cryptography: Basics and Practical Application
- Cryptography Basics
- Create a Certification Authority (CA) and Issue Certificates With CLI Tools
- Use YaST to Create a Certification Authority (CA) and Issue Certificates
- GNU Privacy Guard (GPG)

Section 5: Network Security
- Understand Services and Protocols
- Secure Access With TCP Wrapper
- Use SSL to Secure a Service
- Secure Clients

Section 6: General Firewall Design
- Understand Firewall Concepts and Purpose
- Describe Components of Firewalls
- Understand Advantages and Disadvantages of Different Setups

Section 7: Packet Filters
- Understand Packet Filters
- Understand iptables Basics
- Understand iptables Advanced Features
- Understand Network Address Translation

Section 8: Application-Level Gateways
- Application-Level Gateway Basics
- Configure and Use Squid
- Configure and Use Dante
- Configure and Use rinetd

Section 9: Virtual Private Networks
- VPN and IPSec Basics
- Configure and Establish an IPSec Connection
- Understand Packet Filtering of IPSec Traffic

Section 10: Intrusion Detection and Incident Response
- Log Files and Their Evaluation
- Host-Based Intrusion Detection
- Network-Based Intrusion Detection
- Incident Response

Section 11: Live Fire Exercise

Predznanje:
Detaljno poznavanje mrežnih protokola je obavezno za dizajn i konfiguriranje vatrozida (firewall). Teme koje se obrađuju na tečaju SUSE Linux Enterprise Server 10 : Networking Services (Course 3074) su ključne za efikasno izvršavanje sigurnosnih zadataka.

Priprema za ispit:
Ovaj tečaj zajedno s tečajem SUSE Linux Enterprise Server 10: Networking Services (tečaj 3074) je idealna priprema za ispit Novell Certified Linux Engineer 10 Practicum (050-698).

• Upis u radnu knjižicu: ne
• Certifikat: da
• Uvjerenje: ne
• In-house: ne
• Svjedodžba: ne
• Diploma: ne