UNIX Audit and Security

Course: UXAUD

Duration: 5 Days

Level: I

Course Summary

Having acquired a high level understanding of UNIX, you will learn how to assess security hands on. All aspects are covered, both business and technical. Planning for audits and discussion of suitable tests forms a substantial part of the course. Delegates will get a chance to run audit and security related commands.

Though the course is designed specifically for a SUN Solaris installation, it will serve as a good general overview for any flavour of UNIX.

« Hide The Details

Topics Covered In This Course

Introduction

What is Computer Security?
Security and UNIX

Policies and Guidelines

Planning Your Security Needs
Risk Assessment
Cost-Benefit Analysis
Policy
The Problem with Security Through Obscurity

UNIX Basics

Logging in
A UNIX session
Standard documentation
Logging out

Common Shell Commands

Navigation commands
Listing and searching commands
File management commands
Saving evidence with redirection
Managing processes inside the shell

UNIX File Systems

File system structure
Mounting file systems
Access permissions
Default permissions
Symbolic links
fsck

Managing users

The super user
User authentication vs. authorization
/etc/passwd and /etc/shadow
Pluggable authentication modules (PAM)
Control files in /etc affecting users and user sessions
Password quality controls
Session records, groups, profiles
Managing application systems - users, groups and file accesses

Startup and Shutdown

Booting UNIX and System start-up
Init states
rc scripts
Scheduling jobs
System Shutdown

Shell Programming

Script syntax
Variables
Condition tests
Loops

Special Files

SUID/SGID files
Security issues

System and User Security Control

Shell environment
Security procedures
System logs
Advanced security procedures

UNIX Networking

UNIX networking overview
Internet protocol
TCP / UDP
The Internet daemon
RPC programs

File Transfer Services

ftp
Anonymous ftp
tftp
smtp

Remote Access Services

Telnet
rlogin and rsh

Other Common Services

Finger
NIS
NFS

Risks and Reactions

Programmed threats
Reacting to a compromise
Security and audit products

Who Should Take This Course

The course is intended for those who need to find out what UNIX is and where the different components are located, with a specific security objective in mind. In conjunction with an explanation of the technology, the prime risks and defences will be pointed out. Delegates who will benefit most from this course are typically computer auditors, security specialists and security conscious managers. The course also serves as a useful general introduction to UNIX.

Recommended Prerequisites

Delegates should have had some experience of using UNIX beforehand and be able to enter simple shell commands, such as ls and more, in a terminal environment. Shell programming and C programming experience would be an advantage.

Training Style

This course is instructor led, with strong emphasis on hands-on practical sessions to reinforce the concepts introduced in the classroom.

« Hide The Details

Related Courses

Code	Course Title	Duration	Level
SECVE	Securing the Virtual Environment	3 Days	I	Details
UNIXE	UNIX/Linux: The Essentials	3 Days	I	Details
LNXSEC	Linux Security	5 Days	II	Details

Every student attending a Verhoef Training class will receive a certificate good for $100 toward their next public class taken within a year.

You can also buy "Verhoef Vouchers" to get a discounted rate for a single student in any of our public or web-based classes. Contact your account manager or our sales office for details.

Schedule For This Course
There are currently no public sessions scheduled for this course. We can schedule a private class for your organization just a couple of weeks from now. Or we can let you know the next time we do schedule a public session.

Notify me the next time this course is confirmed!

Can't find the course you want?
Call us at 800.533.3893, or
email us at [email protected]