Overview What You Will Learn Curriculum Instructor

Course Overview

Per the United States Cybersecurity & Infrastructure Security Agency (CISA), “Cyberspace and its underlying infrastructure are vulnerable to a wide range of risks stemming from both physical and cyber threats and hazards.” The infrastructure to which they are referencing is mostly built upon Linux Servers. Our job as System Administrators, Security Analysts, and DevSecOps Engineers is to strengthen the security, safety, and resilience of these Linux servers.

This course will demonstrate a hands-on approach to understanding and applying the best practices to secure Linux systems. Our goal is to address these threats and reduce the overall risk to your organization. This includes the tips and tricks for securing your Linux system including how to secure filesystems; services; networking; logging and auditing; Access, Authentication, and Authorization; and System Maintenance in accordance with the Center for Internet Security (CIS) Controls. 

You will learn how to find and disable unused filesystems, configure software updates, configure sudo, perform file integrity checking, secure boot settings, harden processes and apply Mandatory Access Control (MAC). You will also learn how to manage services such as inetd, NTP, CUPS, DHCP, LDAP, NFS, RPC, DNS, FTP, HTTP, SMTP, Samba, SNMP, rsync and NIS. Understanding and properly handling the most common and even uncommon network protocols and properly configuring a firewall is key to securing a server. When things go awry, properly configured logging of a system is critical to know who did what and when. This helps tremendously when tracking down an intrusion or insider threat. You will learn how to configure cron and configure ssh to secure communications with the server and when connected, PAM will control the authentication for the users. You will learn how to perform periodic maintenance on your server to keep it secure from threats. Lastly, you will learn how to detect malware and rootkits; perform a vulnerability assessment; and how to set up and configure a SIEM.

What You Will Learn

  • Improving your knowledge of Linux security configurations and discover resources to help ensure that your Linux servers are properly secured.
  • Hands-on demonstration of how to secure Linux Filesystems; Services; Network Configuration; System Accounting; Logging and Auditing; Access, Authorization and Authentication; and System Maintenance.
  • Learning the best practice configurations for software updates, the sudo command, filesystem integrity testing, boot settings, process hardening, warning banners and Mandatory Access Control (MAC).
  • Learning how to secure host services such as inetd, NTP, CUPS, DHCP, LDAP, NFS, RPC, DNS, FTP, HTTP, SMTP, Samba, SNMP, rsync and NIS.
  • Learning how to secure network services such as managing routed packets, handling ICMP packets, logging suspicious packets, reverse path filtering, handling TCP SYN traffic and IPv6 router advertisements.
  • Learning how to configure your server to handle uncommon network protocols and how to properly configure the host firewall rules using either ufw, nftables or iptables.
  • Learning how to set up Logging and Auditing by configuring system accounting, auditing, data retention, rsyslog, and journald.
  • Learning how to configure Access, Authorization and Authentication with good examples of best practices for cron, ssh-server, PAM, and user accounts and environments.
  • Learning tips and tricks for System Maintenance, including how to configure file permissions on key system files and how to properly setup user and group settings.
  • Learning how to detect malware and rootkits; perform a vulnerability assessments; and how to set up and configure a SIEM.

Program Curriculum

  • Hardening Concepts
  • Hardening Challenges
  • Pre-Installation Process
  • Post Installation Process
  • Update and Patching
  • Cool Tools
  • Log4j: The Big Picture
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Lab
  • Chapter 1 Quiz

  • Relevant Concepts
  • Securing Linux Filesystems
  • Configuring apt
  • Configuring Sudo
  • Filesystem Integrity Checking
  • Secure Boot Settings
  • Additional Process Hardening
  • Mandatory Access Control (MAC)
  • Chapter 2 Lab
  • Chapter 2 Quiz

  • Introduction
  • Securing Key Services
  • Special Purpose Services
  • Service Clients
  • Chapter 3 Lab
  • Chapter 3 Quiz

  • Relevant Concepts
  • Disable Unused Network Protocols and Devices
  • Network Parameters (Host Only)
  • Network Parameters (Host and Router)
  • Uncommon Network Protocols
  • Firewall Configuration
  • Chapter 4 Lab
  • Chapter 4 Quiz

  • Relevant Concepts
  • Configure System Accounting (auditd)
  • Configure Logging
  • Chapter 5 Lab
  • Chapter 5 Quiz

  • Relevant Concepts
  • Configure cron
  • SSH Server Configuration
  • Configure PAM
  • User Accounts and Environment
  • Chapter 6 Lab
  • Chapter 6 Quiz

  • Relevant Concepts
  • System File Permissions
  • User and Group Settings
  • Chapter 7 Lab
  • Chapter 7 Quiz

  • Relevant Concepts
  • Lynis – Security Auditing and Rootkit Scanner
  • Chkrootkit & Rkhunter – Rootkit Scanner
  • ClamAV – Antivirus Software Toolkit
  • LMD – Linux Malware Detect
  • OpenVAS – Open Vulnerability Assessment System
  • Security Onion SIEM
  • AlienVault OSSIM SIEM
  • Chapter 8 Lab
  • Chapter 8 Quiz
Load more modules

Instructor

Donald Brown

Mr. Brown received his M.S. in Computer Science with a specialization in Computer Systems Security from Colorado Technical University. He earned his Undergraduate degree in Computer Integrated Manufacturing Technology (CIMT) from Purdue University. In his 30+ years in Industrial Automation, Don developed his skills on the IT side of manufacturing in addition to automation. That combined skillset grew into his desire to work in Cybersecurity. During that time, he also acquired his PMP certification for Project Management. Don utilizes this experience at Verista, Inc. which specializes in providing Consulting Services to organizations in the Life Sciences industry. At Verista, Don oversees the Cybersecurity Team which provides Cybersecurity Services to clients. Don has 10 years of experience teaching in the Information Technology, Electronics Technology, Secure Software Development, and Information Systems Security disciplines.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Fastest Way to Level Up Your Cybersecurity Skills

Invest in your future with flexible subscription plans that give you access to the world’s largest online cybersecurity course library. Whether you're exploring cybersecurity courses for beginners or advancing your expertise,
access in-demand courses, practical labs, and CTF challenges designed to support continuous learning.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Build your cybersecurity skills with 900+ bite-sized courses and curated learning paths designed for continuous learning.

$ 69.00
Billed monthly or $599.00 billed annually
Get Started Now
Start your 7-day trial for $1

What is included

  • 880+ Premium Short Courses
  • 70+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Develop real-world cybersecurity skills through hands-on labs and CTF challenges designed for practical learning.

$ 79.00
Billed monthly or $699.00 billed annually
Get Started Now
Start your 7-day trial for $1

Everything in Pro, Plus:

  • 1600+ Hands-on lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Hands-on Labs and Challenges added every month

Related Courses

  • Bootstrap 4 Quick Website Bootstrap Components Course
    Short Course

    Bootstrap 4 Quick Website Bootstrap Components Course

    Software Development

    Explore the basics of Bootstrap and learn to create a website...

    $49.99

    Beginner

    1 hr 30 m

  • CCNA - Understanding Routers and Switches
    Short Course

    CCNA - Understanding Routers and Switches

    Security Architecture and Operations

    A comprehensive guide to understanding the in-depth functioni...

    $49.99

    Intermediate

    2 hr 0 m

  • The Complete Full-Stack JavaScript Course
    Short Course

    The Complete Full-Stack JavaScript Course

    Software Development

    Learn full-stack web development using JavaScript (ReactJS, N...

    $79.99

    Beginner

    24 hr 17 m

  • React.JS for Ecommerce: Building a Store with React.JS
    Short Course

    React.JS for Ecommerce: Building a Store with React.JS

    DevSecOps

    From React.js Fundamentals to Crafting an Online Storefront

    $49.99

    Advanced

    3 hr 30 m

  • CISSP Certification Domains 5, 6, 7, and 8 Video Training
    Short Course

    CISSP Certification Domains 5, 6, 7, and 8 Video Training

    Cybersecurity

    This course is ideal for individuals who desire to pass the I...

    $69.99

    Intermediate

    6 hr 30 m

  • Helm 3 - Package Manager for Kubernetes
    Short Course

    Helm 3 - Package Manager for Kubernetes

    Software Development

    A must tool for every DevOps engineer

    $49.99

    Intermediate

    1 hr 27 m

  • Learn Ethical Hacking by Hacking Real Websites Legally
    Short Course

    Learn Ethical Hacking by Hacking Real Websites Legally

    Vulnerability Assessment and Pentesting

    Fun way to learn ethical hacking by playing online hacking ga...

    $69.99

    Beginner

    4 hr 18 m

  • Mastering Ansible Playbooks: Debugging and Security
    Short Course

    Mastering Ansible Playbooks: Debugging and Security

    Software Development

    Securing and Automating Linux and Windows Systems with Advanc...

    $99.99

    Advanced

    5 hr 34 m

1 50
View all