Students who can benefit from this course are security, system, and network administrators who are responsible for customizing security on Solaris 10 systems.

* Administer users, packages, and applications on Solaris 10 systems* Administer networking and routing on Solaris 10 systems* Describe basic system and network security concepts* Administer services and zones on Solaris 10 systems:

• Describe the security features of the Solaris 10 Operating System
• Configure the security features relevant to Solaris 10 system administrators
• Configure the security features relevant to Solaris 10 network administrators

Module 1 - Describing Basic Security Principles

• Describe Security Principles
• Describe the Need for a Security Policy
• Describe the Need to Securely Configure Systems
• Describe the Need for Auditing
• Describe the Need for Patching

Module 2 - Listing Applicable Solaris 10 Security Features

• Describe Security Enhancements Relevant to System and Network Administrators

Module 3 - Describing Minimization

• Minimal Installation
• Software Installation Clusters (Meta Clusters)
• Loose Versus Strict Minimization
• Providing Consistent, Known Configuration for Installations

Module 4 - Managing Patches

• Describe the Update Manager
• Signed Patches
• Verifying Signatures
• Specifying a Web Proxy

Module 5 - Performing Hardening

• Preforming Hardening
• Implementing the Solaris Security Toolkit (SST)

Module 6 - Implementing Process Rights Management

• Describe PRM
• Process Privileges
• Determine rights required by process
• Assign minimum rights to a process
• Debugging Privileges

Module 7 - Implementing User Rights Management

• Access Control
• RBAC
• Implementing Password Strength, Syntax Checking, History and Aging Improvements

Module 8 - Utilizing the Solaris Cryptographic Framework

• Describe the Solaris Cryptographic Framework (SCF)
• List the Basic administration tools for SCF
• Use SCF with a Web Server
• Use SCF with a Java-based application
• Use SCF with a Sun Crypto Accelerator
• Using the SCF User-Level Commands Management

Module 9 - Managing File system Security

• Signed ELF Objects
• Implement the Basic Audit and Report Tool (BART) for File Integrity
• Describe Validated Execution

Module 10 - Using the Service Management Facility

• Describe Using the SMF
• Describe the Concept of Least Privilege
• Describe Authorizations Limit Service Privileges
• Determine a Current Service s Privileges
• Configure a Service to use Reduced Privileges

Module 11 - Securing Networks

• TCP Wrappers
• Implement the IPfilter Stateful Packet Filtering Firewall
• Kerberos
• Implementing the Solaris Secure Shell (SSH)
• Describe NFSv4

Module 12 - Implementing IPsec

• Describe IP Security
• Implement IPsec
• IPsecs position in the Solaris OS Cryptographic Framework
• Configuring IPsec
• Describe IKE
• Configure IKE
• Troubleshoot IPsec and IKE

Module 13 - Performing Auditing and Logging

• Describe Solaris Audit
• Configure Audit Policy
• Implement Solaris Audit
• Configure for Zones
• JASS Audit
• Review Audit Logs
• Learning from Audit Trails
• Tamper Proof Logging

Module 14 - Implementing Security in Solaris Zones

• Describe Security Characteristics
• Describe the Global Zone
• When/How to use Zones
• Resource Management
• Zones and Auditing
• Zones and Network Security
• Patching Zones

Module 15 - How Security Components Work Together

• Describe how Security Components Work Together
• Describe how Technologies Interact
• Infrastructure Requirements

Appendix A - Managing Resources

• Resource Controls
• Resource Exhaustion Attack Prevention