RHEL SELINUX POLICY ADMINISTRATION Training

We offer private customized training for groups of 3 or more attendees.

Course Description

 
This advanced security course takes a deep dive into the complexities and nuances of SELinux. The course discusses security threats posed to today’s computing resources and mitigating them through network and host protections. Students will review SELinux technology through understanding SELinux’s goals, how it has evolved including its features and limitations.
 
Students will gain hands-on experience in working with SELinux modes, virtualization, and container security. The core of the course is learning and understanding SELinux policy through, choosing, managing, and studying policy examples. Once students have an understanding of the SELinux policy the course will cover writing policy modules. The course is capped with multiple discussions on case studies that explore building SELinux policies. This SELinux course covers one of the major challenge faced by administering SELinux, SELinux troubleshooting.
Course Length: 3 Days
Course Tuition: $2590 (US)

Prerequisites

The "Linux Fundamentals" and "Enterprise Linux Systems Administration courses.

Course Outline

 
  1. COMPUTING SECURITY & SELINUX OVERVIEW
    1. Security Threats
    2. Network and Host Protection
    3. Shortcomings of Traditional Unix Security
    4. DAC vs. MAC
    5. SELinux Goals
    6. SELinux Evolution
    7. SELinux Features and Limitations
    8. SELinux Contexts
    9. Labels
    10. Access Decisions
    11. Transition Decisions: Processes
    12. SELinux Example
    LAB TASKS
    1. System Preparation
    2. Contexts
  2. WORKING WITH SELINUX
    1. SELinux Modes
    2. Gathering SELinux Information
    3. SELinux Virtual Filesystem
    4. Core Commands and SELinux
    5. SELinux Management Utilities
    6. Context and File Operations
    7. Managing File Context Database
    8. Managing Contexts
    9. Booleans
    10. SELinux Mount Options
    11. Virtualization Security
    12. Container Security
    13. Securing Networked Services
    14. Managing Port Contexts
    LAB TASKS
    1. Exploring SELinux Modes
    2. Gathering Information
    3. Managing SELinux Booleans
    4. Managing Contexts
    5. Mounting Filesystems
    6. Manual Relabel
    7. GUI Utilities
  3. POLICIES
    1. The SELinux Policy
    2. Choosing an SELinux Policy
    3. Policy Layout
    4. Examining Policy
    5. Managing Policies
    6. Targeted Policy
    7. Targeted Policy Example: Apache
    8. Targeted Policy Example: Other Contexts
    9. Minimum Policy
    10. MLS Policy Overview
    11. MCS Translation
    12. Polyinstantiated Directories
  4. USERS & ROLES
    1. Overview of Roles
    2. Roles
    3. User Mappings
    4. Kiosk User (xguest)
    5. Controlling Application Execution
    LAB TASKS
    1. SELinux Identities and Roles
    2. Kiosk User
  5. TROUBLESHOOTING SELINUX
    1. Access Denied. Now what?
    2. AVC Denied Examples
    3. Incorrect File Context
    4. Permissive Domains
    5. Using audit2allow
    LAB TASKS
    1. Troubleshooting using Permissive Domains
    2. Using audit2why and audit2allow to create policy
  6. WRITING POLICY MODULES
    1. SELinux Policy Tools
    2. SELinux Policy Source
    3. Reference Policy Source Exploration
    4. Process Transitions
    5. Object classes
    6. Policy Macros
    7. Creating Booleans
    8. Using Booleans in Policies
    9. Other Policy Commands
    10. Writing Policy Modules
    LAB TASKS
    1. Domain Transition Exploration
    2. Exploring SELinux Modes
    3. Writing a Simple Module
    4. Defining and using booleans
    5. Creating & Compiling Policy from Source
    6. Using seplogen
  7. CASE STUDY: SECURING AN APPLICATION LAB TASKS
    1. SELinux Policy Building: Case Study 1
  8. CASE STUDY: SECURING AN APPLICATION LAB TASKS
    1. SELinux Policy Building: Case Study 2
  9. BONUS LABS: LAB TASKS
    1. Installing and Switching Policies
    2. Minimum policy
    3. MCS Exploration
    4. MCS Restrictions
    5. Polyinstantiated Directories

Course Directory [training on all levels]

Upcoming Classes
Gain insight and ideas from students with different perspectives and experiences.

Linux Unix Uses & Stats

Linux Unix is Used For:
Desktop Mainframe Computers Mobile Devices Embedded Devices
Difficulty
Popularity
Year Created
1991/1971
Pros
Performance:
Linux supports many efficient tools and operates them seamlessly. Because it's architecture is lightweight it runs faster than both Windows 8.1 and 10. 
 
Security:
Because Linux is an open-source software,  anyone can contribute code to help enhance the users’ experience i.e., adding features, fixing bugs, reducing security risks, and more.
 
 
Software Development:
The terminal in Linux is a *wild card*. You can do almost anything with it. This includes software installation, application and server configurations, file system management, and etc.
 
Large-scale:
Open-source projects benefit from having an attentive community. As a result, Linux is more secure than Windows. Instead of installing anti viruses to clean malware, you just have to stick to the recommended repositories. 
 
Efficient: 
Developers have the convenience of running servers, training machine learning models, accessing remote machines, and compiling and running scripts from the same terminal window. 
 
Free: 
Linux is free (you can put it on as many systems as you like) and you can change it to suit your needs.
Cons
Learning Curve: 
Linux is not for everyone, there is a learning curve in switching to Ubuntu. To actually learn Linux efficiently would take a user one to several years.
 
No Tech Support:
Unlike Windows, there isn’t a dedicated tech support, so getting help for things is up to you. 
 
Designer Compatabilty:
Linux is not as user friendly as Windows or as ‘straight out of the box design’ As an example for design choices, Adobe hasn’t released any of its products to Linux users. So it’s impossible to run them directly. The Ubuntu alternative is a free software called GIMP. 
 
Gaming Capabilities: 
Most games aren’t available in Linux. But that’s not to say you can’t make it happen, it's just not as easy.   
Linux Unix Job Market
Average Salary
$85k-$105k
Job Count
n/a
Top Job Locations

New York City
Boston
San Francisco 

Complimentary Skills to have along with Linux Unix
The following are types of jobs that may require Linux skills.  The top 15 job titles on Dice.com that mention Linux in their postings are:
- DevOps Engineer
- Software Engineer
- Java Developer
- Systems Engineer
- Systems Administrator
- Senior Software Engineer
- Network Engineer
- Python Developer
- Linux Systems Administrator
- Software Developer
- System Administrator
- Linux Administrator
- Linux Engineer
- Senior Java Developer
- C++ Developer

Interesting Reads Take a class with us and receive a book of your choosing for 50% off MSRP.