Configuring Security on the Solaris 10 OS

Course Description

The Configuring Security on the Solaris 10 Operating System course provides students with the knowledge and skills to customize security on Solaris 10 systems.Students who can benefit from this course:Security, System, and Network Administrators who are responsible for customizing security on Solaris 10 systemsThis course counts towards the Hands-on course requirement for the Oracle Solaris 10 Security Administrator Certification. Only instructor-led inclass or instructor-led online formats of this course will meet the Certification Hands-on Requirement. Self Study CD-Rom and Knowledge Center courses DO NOT meet the Hands-on Requirement.

Skills Gained

• Describe the security features of the Solaris 10 Operating System
• Configure the security features relevant to Solaris 10 System Administrators
• Configure the security features relevant to Solaris 10 Network Administrators

Prerequisites

• System Administration for the Solaris 10 Operating System, Part 2 (SA-202-S10)
• Administer services and zones on Solaris 10 systems
• Administer users, packages, and applications on Solaris 10 systems
• Administer networking and routing on Solaris 10 systems
• Describe basic system and network security concepts

Syllabus

Describing Basic Security Principles

• Describe Security Principles
• Describe the Need for a Security Policy
• Describe the Need to Securely Configure Systems
• Describe the Need for Auditing
• Describe the Need for Patching

Listing Applicable Solaris 10 Security Features

• Describe Security Enhancements Relevant to System and Network Administrators

Describing Minimization

• Minimal Installation
• Software Installation Clusters (Meta Clusters)
• Loose Versus Strict Minimization
• Providing Consistent, Known Configuration for Installations

Managing Patches

• Describe the Update Manager
• Signed Patches
• Verifying Signatures
• Specifying a Web Proxy

Performing Hardening

• Performing Hardening
• Implementing the Solaris Security Toolkit (SST)

Implementing Process Rights Management

• Describe PRM
• Process Privileges
• Determine rights required by process
• Assign minimum rights to a process
• Debugging Privileges

Implementing User Rights Management

• Access Control
• RBAC
• Implementing Password Strength, Syntax Checking, History and Aging Improvements

Utilizing the Solaris Cryptographic Framework

• Describe the Solaris Cryptographic Framework (SCF)
• List the Basic administration tools for SCF
• Use SCF with a Web Server
• Use SCF with a Java-based application
• Use SCF with a Sun Crypto Accelerator
• Using the SCF User-Level Commands Management

Managing File system Security

• Signed ELF Objects
• Implement the Basic Audit and Report Tool (BART) for File Integrity
• Describe Validated Execution

Using the Service Management Facility

• Describe Using the SMF
• Describe the Concept of Least Privilege
• Describe Authorizations Limit Service Privileges
• Determine a Current Service s Privileges
• Configure a Service to use Reduced Privileges

Securing Networks

• TCP Wrappers
• Implement the IPfilter Stateful Packet Filtering Firewall
• Kerberos
• Implementing the Solaris Secure Shell (SSH)
• Describe NFSv4

Implementing IPsec

• Describe IP Security
• Implement IPsec
• IPsec's position in the Solaris OS Cryptographic Framework
• Configuring IPsec
• Describe IKE
• Configure IKE
• Troubleshoot IPsec and IKE

Performing Auditing and Logging

• Describe Solaris Audit
• Configure Audit Policy
• Implement Solaris Audit
• Configure for Zones
• JASS Audit
• Review Audit Logs
• Learning from Audit Trails
• Tamper Proof Logging

Implementing Security in Solaris Zones

• Describe Security Characteristics
• Describe the Global Zone
• When/How to use Zones
• Resource Management
• Zones and Auditing
• Zones and Network Security
• Patching Zones

How Security Components Work Together

• Describe how Security Components Work Together
• Describe how Technologies Interact
• Infrastructure Requirements