Administering Security on the Solaris Operating System (SC-300)

Please note that Oracle courses running at London training centres are subject to a 10% surcharge.

Overview

The Administering Security on the Solaris Operating System course provides students with the skills to implement, administer, and maintain a secure Solaris Operating System (Solaris OS).

Who Can Benefit
Students who can benefit from this course are system administrators or security administrators who have responsibility for administering one or more homogeneous Solaris OS systems or administering security on one or more Solaris OS systems.  

Prerequisites

• Demonstrate basic Solaris OS system and network administration skills
• Install the Solaris OS
• Administer users, printers, file systems, networks, and devices on the Solaris OS
• Demonstrate a basic understanding of Transmission Control Protocol/Internet Protocol (TCP/IP) networking

 

Delegates will learn how to

• Describe security terminology and common forms of security attack
• Use Solaris OS logging and auditing to identify actual and potential security attacks
• Secure a Solaris OS host against user and network attacks
• Use tools, such as Solaris Security Toolkit (SST), to improve system security

 

Course outline

Module 1 – Exploring Security

• Describe the role of system security
• Describe security awareness
• Describe historical examples of break-ins
• Define security terminology
• Classify security attacks
• Examine the motivations of an attacker
• Identify data gathering methods
• Run an intrusion detection system
• Define a security policy
• Use the open source security tools

Module 2 – Using Solaris OS Log Files

• Explore the standard Solaris OS log files
• Configure and use the system logging utility
• Monitor log files using the swatch tool
• Describe the process monitoring tools
• Collect information using the Solaris OS accounting package

Module 3 – Examining the Solaris OS Basic Security Module (BSM)

• Configure Basic Security Module (BSM) auditing
• Start and stop the BSM
• Create an audit trail using the BSM
• Generate an audit trail
• Interpret and filter audit data
• Implement BSM device management

Module 4 – Preventing Security Attacks

• Recognize Trojan horses
• Identify back door attacks
• Detect and prevent Trojan horse and back door attacks
• Use rootkits to hide attackers
• Identify DoS attacks

Module 5 – Administering User Accounts Securely

• Administer regular users
• Administer other accounts
• Configure special user security
• Limit user options with restricted shells

Module 6 – Administering Password Security

• Describe password mechanisms
• Run a password-cracking program

Module 7 – Securing Root Access

• Control root access with role-based access control (RBAC)
• Control root access with the sudo utility

Module 8 – Preventing File System Attacks

• Set up the root partition
• Set file system permissions for security
• Explore set-user-ID and set-group-ID permissions
• Use access control lists (ACLs)
• Examine other security defense mechanisms
• Protect systems using backups and restores

Module 9 – Auditing File Systems

• Examine file system auditing
• Explore file system auditing tools

Module 10 – Attacking Network Data

• Examine network sniffers
• Explore network sniffer tools
• Defend against network service attacks

Module 11 – Securing Network Data

• Describe secure communication by using the Secure Socket Layer (SSL)
• Configure SSL to encrypt and decrypt files

Module 12 – Analyzing Network Services

• Apply network security probing tools
• Describe using the GUI to configure the SAINT
• Configure the SAINT network analysis tool
• Interpret SAINT reports
• Detect network analyzer attacks

Module 13 – Securing Network Services

• Restrict network services
• Defend network services
• Use Berkeley r commands for remote connections
• Secure services with the chroot command
• Integrate services using the PAM
• Describe the SEAM

Module 14 – Automating Server Hardening

• Describe system hardening
• Describe system hardening using the Solaris Security Toolkit (SST)
• Set up the SST

Module 15 – Authenticating Network Services

• Describe network authentication using TCP wrappers
• Configure host access control
• Use banners with TCP wrappers

Module 16 – Securing Remote Access

• Describe the benefits of Secure Shell
• Configure Secure Shell

Module 17 – Securing Physical Access

• Assess the risk from physical intrusion
• Apply physical security measures

Module 18 – Connecting the Enterprise Network to the Outside World

• Design the network to improve security
• Run enterprise security audits
• Explain the role of security audits
• Identify common sources of security information