Overview What You Will Learn Curriculum Instructor

Course Overview

Per the United States Cybersecurity & Infrastructure Security Agency (CISA), “Cyberspace and its underlying infrastructure are vulnerable to a wide range of risks stemming from both physical and cyber threats and hazards.” The infrastructure to which they are referencing is mostly built upon Linux Servers. Our job as System Administrators, Security Analysts, and DevSecOps Engineers is to strengthen the security, safety, and resilience of these Linux servers.

This course will demonstrate a hands-on approach to understanding and applying the best practices to secure Linux systems. Our goal is to address these threats and reduce the overall risk to your organization. This includes the tips and tricks for securing your Linux system including how to secure filesystems; services; networking; logging and auditing; Access, Authentication, and Authorization; and System Maintenance in accordance with the Center for Internet Security (CIS) Controls. 

You will learn how to find and disable unused filesystems, configure software updates, configure sudo, perform file integrity checking, secure boot settings, harden processes and apply Mandatory Access Control (MAC). You will also learn how to manage services such as inetd, NTP, CUPS, DHCP, LDAP, NFS, RPC, DNS, FTP, HTTP, SMTP, Samba, SNMP, rsync and NIS. Understanding and properly handling the most common and even uncommon network protocols and properly configuring a firewall is key to securing a server. When things go awry, properly configured logging of a system is critical to know who did what and when. This helps tremendously when tracking down an intrusion or insider threat. You will learn how to configure cron and configure ssh to secure communications with the server and when connected, PAM will control the authentication for the users. You will learn how to perform periodic maintenance on your server to keep it secure from threats. Lastly, you will learn how to detect malware and rootkits; perform a vulnerability assessment; and how to set up and configure a SIEM.

What You Will Learn

  • Improving your knowledge of Linux security configurations and discover resources to help ensure that your Linux servers are properly secured.
  • Hands-on demonstration of how to secure Linux Filesystems; Services; Network Configuration; System Accounting; Logging and Auditing; Access
  • Authorization and Authentication; and System Maintenance.
  • Learning the best practice configurations for software updates
  • the sudo command
  • filesystem integrity testing
  • boot settings
  • process hardening
  • warning banners and Mandatory Access Control (MAC).
  • Learning how to secure host services such as inetd
  • NTP
  • CUPS
  • DHCP
  • LDAP
  • NFS
  • RPC
  • DNS
  • FTP
  • HTTP
  • SMTP
  • Samba
  • SNMP
  • rsync and NIS.
  • Learning how to secure network services such as managing routed packets
  • handling ICMP packets
  • logging suspicious packets
  • reverse path filtering
  • handling TCP SYN traffic and IPv6 router advertisements.
  • Learning how to configure your server to handle uncommon network protocols and how to properly configure the host firewall rules using either ufw
  • nftables or iptables.
  • Learning how to set up Logging and Auditing by configuring system accounting
  • auditing
  • data retention
  • rsyslog
  • and journald.
  • Learning how to configure Access
  • Authorization and Authentication with good examples of best practices for cron
  • ssh-server
  • PAM
  • and user accounts and environments.
  • Learning tips and tricks for System Maintenance
  • including how to configure file permissions on key system files and how to properly setup user and group settings.
  • Learning how to detect malware and rootkits; perform a vulnerability assessments; and how to set up and configure a SIEM.

Program Curriculum

  • Hardening Concepts
  • Hardening Challenges
  • Pre-Installation Process
  • Post Installation Process
  • Update and Patching
  • Cool Tools
  • Log4j: The Big Picture
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Lab
  • Chapter 1 Quiz

  • Relevant Concepts
  • Securing Linux Filesystems
  • Configuring apt
  • Configuring Sudo
  • Filesystem Integrity Checking
  • Secure Boot Settings
  • Additional Process Hardening
  • Mandatory Access Control (MAC)
  • Chapter 2 Lab
  • Chapter 2 Quiz

  • Introduction
  • Securing Key Services
  • Special Purpose Services
  • Service Clients
  • Chapter 3 Lab
  • Chapter 3 Quiz

  • Relevant Concepts
  • Disable Unused Network Protocols and Devices
  • Network Parameters (Host Only)
  • Network Parameters (Host and Router)
  • Uncommon Network Protocols
  • Firewall Configuration
  • Chapter 4 Lab
  • Chapter 4 Quiz

  • Relevant Concepts
  • Configure System Accounting (auditd)
  • Configure Logging
  • Chapter 5 Lab
  • Chapter 5 Quiz

  • Relevant Concepts
  • Configure cron
  • SSH Server Configuration
  • Configure PAM
  • User Accounts and Environment
  • Chapter 6 Lab
  • Chapter 6 Quiz

  • Relevant Concepts
  • System File Permissions
  • User and Group Settings
  • Chapter 7 Lab
  • Chapter 7 Quiz

  • Relevant Concepts
  • Lynis – Security Auditing and Rootkit Scanner
  • Chkrootkit & Rkhunter – Rootkit Scanner
  • ClamAV – Antivirus Software Toolkit
  • LMD – Linux Malware Detect
  • OpenVAS – Open Vulnerability Assessment System
  • Security Onion SIEM
  • AlienVault OSSIM SIEM
  • Chapter 8 Lab
  • Chapter 8 Quiz
Load more modules

Instructor

Donald Brown

Mr. Brown received his M.S. in Computer Science with a specialization in Computer Systems Security from Colorado Technical University. He earned his Undergraduate degree in Computer Integrated Manufacturing Technology (CIMT) from Purdue University. In his 30+ years in Industrial Automation, Don developed his skills on the IT side of manufacturing in addition to automation. That combined skillset grew into his desire to work in Cybersecurity. During that time, he also acquired his PMP certification for Project Management. Don utilizes this experience at Verista, Inc. which specializes in providing Consulting Services to organizations in the Life Sciences industry. At Verista, Don oversees the Cybersecurity Team which provides Cybersecurity Services to clients. Don has 10 years of experience teaching in the Information Technology, Electronics Technology, Secure Software Development, and Information Systems Security disciplines.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

$ 499.00
Billed annually or $59.00 billed monthly
Get Started Now
Start your 7-day trial for $1

What is included

  • 700+ Premium Short Courses
  • 50+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

$ 599.00
Billed annually or $69.00 billed monthly
Get Started Now
Start your 7-day trial for $1

Everything in Pro and

  • 800+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month
  • 3 Official EC-Council Essentials Certifications¹ (retails at $897!)
    Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

  • Hands-on FortiGate Firewall

    Hands-on FortiGate Firewall

    Short Course

    Hands-on FortiGate Firewall

    Security Architecture and Operations

    Learn how to deploy the FortiGate NGFW and how to configure t...

    $99.99

    Intermediate

    3 hr 0 m

  • Hands-on SELinux

    Hands-on SELinux

    Short Course

    Hands-on SELinux

    Security Architecture and Operations

    Learn SELinux Basics: Implement Security Policies, Troublesho...

    $49.99

    Beginner

    5 hr 28 m

  • Complete Bash Shell Scripting

    Complete Bash Shell Scripting

    Short Course

    Complete Bash Shell Scripting

    Security Architecture and Operations

    Automate repetitive tasks with Bash Shell Scripting to save v...

    $79.99

    Intermediate

    18 hr 10 m

  • Installing and Mitigating Linux Rootkits

    Installing and Mitigating Linux Rootkits

    Short Course

    Installing and Mitigating Linux Rootkits

    Security Architecture and Operations

    Understanding the threat posed by rootkits in Linux and poten...

    $59.99

    Advanced

    3 hr 0 m

  • Start Hacking and Making Money Today at HackerOne

    Start Hacking and Making Money Today at HackerOne

    Short Course

    Start Hacking and Making Money Today at HackerOne

    Security Architecture and Operations

    Hack Legally and Get Paid for Your Findings

    $59.99

    Beginner

    1 hr 9 m

  • PowerShell Scripting Essentials: Anatomy of Logging – Developing a Logging Module

    PowerShell Scripting Essentials: Anatomy of Logging – Developing a Logging Module

    Short Course

    PowerShell Scripting Essentials: Anatomy of Logging – Developi...

    Security Architecture and Operations

    How to write a PowerShell module that contains functions to d...

    $69.99

    Intermediate

    6 hr 1 m

  • Machine Learning for Application in Digital Forensics

    Machine Learning for Application in Digital Forensics

    Short Course

    Machine Learning for Application in Digital Forensics

    Security Architecture and Operations

    Unlocking the Potential of Machine Learning: From Theory to P...

    $99.99

    Intermediate

    4 hr 0 m

  • Applied Python Cryptography

    Applied Python Cryptography

    Short Course

    Applied Python Cryptography

    Security Architecture and Operations

    Securing your Python code and protecting your users private i...

    $79.99

    Intermediate

    4 hr 0 m

1 8