The Configuring Security on the Solaris 10 Operating System course provides students with the knowledge and skills to customize security on Solaris 10 systems.
Languages
English
Back to top
Who Can Benefit
Students who can benefit from this course are security, system, and network administrators who are responsible for customizing security on Solaris 10 systems.
Back to top
Prerequisites
To succeed fully in this course, students should be able to:
* Administer users, packages, and applications on Solaris 10 systems
* Administer networking and routing on Solaris 10 systems
* Describe basic system and network security concepts
* Administer services and zones on Solaris 10 systems
Back to top
Skills Gained
Upon completion of this course, students should be able to:
- Describe the security features of the Solaris 10 Operating System
- Configure the security features relevant to Solaris 10 system administrators
- Configure the security features relevant to Solaris 10 network administrators
Back to top
Related Courses
Before:
After:
Back to top
Course Content
Module 1 - Describing Basic Security Principles
- Describe Security Principles
- Describe the Need for a Security Policy
- Describe the Need to Securely Configure Systems
- Describe the Need for Auditing
- Describe the Need for Patching
Module 2 - Listing Applicable Solaris 10 Security Features
- Describe Security Enhancements Relevant to System and Network Administrators
Module 3 - Describing Minimization
- Minimal Installation
- Software Installation Clusters (Meta Clusters)
- Loose Versus Strict Minimization
- Providing Consistent, Known Configuration for Installations
Module 4 - Managing Patches
- Describe the Update Manager
- Signed Patches
- Verifying Signatures
- Specifying a Web Proxy
Module 5 - Performing Hardening
- Preforming Hardening
- Implementing the Solaris Security Toolkit (SST)
Module 6 - Implementing Process Rights Management
- Describe PRM
- Process Privileges
- Determine rights required by process
- Assign minimum rights to a process
- Debugging Privileges
Module 7 - Implementing User Rights Management
- Access Control
- RBAC
- Implementing Password Strength, Syntax Checking, History and Aging Improvements
Module 8 - Utilizing the Solaris Cryptographic Framework
- Describe the Solaris Cryptographic Framework (SCF)
- List the Basic administration tools for SCF
- Use SCF with a Web Server
- Use SCF with a Java-based application
- Use SCF with a Sun Crypto Accelerator
- Using the SCF User-Level Commands Management
Module 9 - Managing File system Security
- Signed ELF Objects
- Implement the Basic Audit and Report Tool (BART) for File Integrity
- Describe Validated Execution
Module 10 - Using the Service Management Facility
- Describe Using the SMF
- Describe the Concept of Least Privilege
- Describe Authorizations Limit Service Privileges
- Determine a Current Service s Privileges
- Configure a Service to use Reduced Privileges
Module 11 - Securing Networks
- TCP Wrappers
- Implement the IPfilter Stateful Packet Filtering Firewall
- Kerberos
- Implementing the Solaris Secure Shell (SSH)
- Describe NFSv4
Module 12 - Implementing IPsec
- Describe IP Security
- Implement IPsec
- IPsecs position in the Solaris OS Cryptographic Framework
- Configuring IPsec
- Describe IKE
- Configure IKE
- Troubleshoot IPsec and IKE
Module 13 - Performing Auditing and Logging
- Describe Solaris Audit
- Configure Audit Policy
- Implement Solaris Audit
- Configure for Zones
- JASS Audit
- Review Audit Logs
- Learning from Audit Trails
- Tamper Proof Logging
Module 14 - Implementing Security in Solaris Zones
- Describe Security Characteristics
- Describe the Global Zone
- When/How to use Zones
- Resource Management
- Zones and Auditing
- Zones and Network Security
- Patching Zones
Module 15 - How Security Components Work Together
- Describe how Security Components Work Together
- Describe how Technologies Interact
- Infrastructure Requirements
Appendix A - Managing Resources
- Resource Controls
- Resource Exhaustion Attack Prevention
Back to top
Browse Other Course Topic Areas
| 
