SELinux Administration Course

75 STUDENTS ENROLLED

SELinux is a core component of any Linux distribution, be it RHEL, CentOS or Oracle Linux. Once you install linux of any of these flavors, you already have SELinux enabled. This course is aimed at providing you an understanding of SELinux MAC and administration of SELinux as per your production requirement.

Furthermore, before the start of this course you must of a good understanding and experience on Linux as an Administrator. For this course, tuning and configuring the security of a system requires administrative privileges on the system.

This course is for Linux System Administrators who have good experience in maintaining Linux systems. For those who want to understand and work with the SELinux Security. Moreover, this course can be very useful for Information Technology System architects to understand how SELinux can be positioned to enhance the security of Linux systems and Linux based services within their environment.

Pre-requisites:

  • Good knowledge of RHEL/CentOS or Oracle Linux.
  • Linux Administration Skills
  • Basic Knowledge of Programming will be an added advantage.

Course Curriculum

Introduction and Getting Started with SELinux
SELinux 1 Introduction to SELinux 01:30:00
SELinux Introduction, What is SELinux and how it works?, Access Control Mechanisms, Labels, Contexts and Type Enforcement Basic Terminology, Users, Roles, Subjects, Objects, Domains and Types, SELinux Policy, Type Enforcement, SELinux Administration – Settings and Modes SELinux Configuration, SELinux Status, SELinux Features and Benefits, SELinux is not..
SELinux 2 Getting Started with SELinux 01:30:00
Boot Options for SELinux,Enabling user home directories, SELinux Settings for User Home Directories, Targeted Policy Protected Services, Default list of SELinux Protected Services,File Context for Special Directory Trees, Setting Persistent SELinux Contexts on Directory Trees, Example: ftp server with non default directory
SELinux 3 SELinux Booleans 00:45:00
SELinux Booleans, Why a Service doesn't work?, Boolean Values, Service Categories of SELinux Booleans, Booleans with SELinux Management Tool, CLI V/s GUI Filter,Boolean Settings do not stand alone, SELinux directives for HTTP Services, Name Service, MariaDB, NFS, Samba and SSH
SELinux 4 Troubleshooting SELinux 00:45:00
Understand and Identify the Problem - SELinux Audits, Using ausearch and sealert, Using audit2allow Utility, SELinux Troubleshoot Browser, The setroubleshootd, Installation, configuration and working, Sending e-mails, Testing setroubleshoot functionality, Binding sshd on a non standard port, SELinux Logging - Interacting with systemd-journal, Policy Rules V/s other Options.
SELinux Lab 1 Exploring CGI scripts 1, 00:00
SELinux Policies
SELinux 5 SELinux Policies 00:00:00
SELinux Policy, Policy Organization, Confined and Unconfined Domain, SELinux Policy Behavior, Configuring a Policy with semanage, SELinux Port Labeling, Managing Ports with Semanage Using Semanage Permissive, Limiting flows based on the network interface, Generating Policy files for Deployment, Handling device files, Setting a SELinux label on a device node
SELinux Lab 2 Understanding SELinux policies 1, 00:00
SELinux 6 Working with SELinux Policies 01:00:00
SELinux Policy Language, Source Policy Modules in a Monolithic Policy, Loadable Policy Modules, Building and Installing Monolithic Policies, Build and load process for SELinux policy, The make Targets, Generating Policy files for Deployment, Supported user templates with sepolgen, Handling device files, Using udev Rules, Setting a SELinux label on a device node
SELinux Lab 3 Modifying an existing policy 1, 00:00
SELinux 7 Building and Loading SELinux Policies 01:00:00
Downloading and Installing the source and preparing the build area, Build the base policy package, Compiling the Monolithic Policy, Loading the Monolithic Policy, Compiling Policy Modules, Loading Policy Modules, Policy Type-Enforcement Module Syntax, Policy Type-Enforcement Module Example
SELinux Lab 4 Compiling and Building Base Policy from Source. 1, 00:00
SELinux Lab 5 Using Fixfiles and Setting Mount Contexts for SELinux 1, 00:00
Policies, Object Classes and Utilities
SELinux 8 Working with semodule and Object Classes 01:00:00
High Level SELinux Architecture, semodule, Object Classes and Permissions, Defining common Permissions, Examples
SELinux 9 Policy Utilities 01:30:00
seaudit, seaudit_report (now aureport), checkpolicy, sesearch, sestatus, audit2allow, audit2why, sealert, avcstat, seinfo and semanage
SELinux 10 User and Role Security 02:00:00
Role-based Access Control, Multi Category Security - MCS, Multi Category Security: translation and login, The chcat - change file security category, Defining a SecurityAdministrator: sudo, chcat and root
SELinux Lab 6. Role Bases Access Control 1, 00:00
Advanced SELinux Techniques
SELinux 11 MLS, Users, Roles, Domain Transition, Macros and Types 02:00:00
Multi-Level Security - MLS, The strict Policy, General Identification User Identification: system_u, users_u and root, Declaring Users, Role Identification - Role Dominance, Domain Transition, Polyinstantiation of Directories, Policy Macros, Types : Enforcement, Attributes, Aliases and Transitions for Objects, restorecond, Customizable Types
SELinux Lab 7  Creating a new type 1, 00:00
SELinux 12 Contexts, Policies, Access Vector, Logs and Booleans 02:00:00
File Contexts, Manipulating Policies, Access Vector, SELinux logs, Security Identifiers-SIDs, Statements: fs_use_* and genfscon, Booleans: Creating and using new booleans, Enableaudit
SELinux Lab 8 Creating Policy Module 1, 00:00
SELinux Lab 9 Mount Options and Custom port for squid 1, 00:00
SELinux Lab 10 SELinux Users and Roles 1, 00:00

Course Reviews

N.A

ratings
  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.

TAKE THIS COURSE
  • 35,000.00 29,900.00 per 180 days
  • 4320 Hours
  • Course Certificate

Recent Posts

Featured Testimonial

I would like to mention a new feature "Interactive Video". You can't simply watch the video. You have to actually get involved. It will pause suddenly and ask question. If you are not able to answer the question you have to watch it all over again. Hence a real learning is guaranteed.Read more

Indiana Jones

Co-Founder Director

Certificate Code

Become an Instructor

top
Designed by  © Alliance Softech Pvt Ltd. All rights reserved.
WhatsApp chat
X