|
|
|
Apr 25, 2024
|
|
CIS 276 - Host System Security II
5.0 Credits
Covers Linux Host security including extended attributes and Access Control Lists, limiting access to services and preventing DOS attacks, secure authentication, auditing servers, detecting hacking and recovery. Prerequisite: CIS 271 with a GPA of at least 2.5 or equivalent experience.
Course Objectives
Upon successful completion of this course, students will be able to:
- Use bootloader password protection and disable run-levels to keep hackers from booting the system locally. [REASON]
- Use SUID/SGID and file system extended attributes including Append-Only and Immutable file flags to provide for granular file system control. [REASON]
- Manage POSIX access control lists for additional file system security. [REASON]
- Limit access to certain services using inetd, xindetd and tcpwrappers. [REASON]
- Configure Linux Pluggable Authentication Modules (PAM) to enhance services requiring secure authentication. [REASON]
- Use ipchains and iptables for firewalling, routing and Network Address Translation (NAT). [REASON]
- Configure Basic Web, FTP, Mail and network file system (NFS/SMB) security. [REASON]
- Encrypt data streams with SSH to provide for secure TCP tunneling. [REASON]
- Build a Kerberos Key Distribution Center (KDC) to provide secure network authentication. [REASON]
- Encrypt Web and Email data using OpenSSL and GPG. [REASON]
- Encrypt File System data using the Transparent Cryptographic File System. [REASON]
- Audit and monitor Linux Servers for Intrusions using SAINT and SWATCH. [REASON]
- Detect Attacks in progress using the Snort Intrusion Detection System. [REASON]
- Preserve and analyze system data using backup tools. [REASON]
- Recover from Linux security breaches and attacks. [REASON]
Add to Personal Catalog (opens a new window)
|
|
|
