Call : (+91) 968636 4243
Mail : info@EncartaLabs.com
EncartaLabs

SELinux Policy Administration

( Duration: 3 Days )

This SELinux Policy Administration training course takes a deep dive into the complexities and nuances of SELinux. The course discusses security threats posed to today’s computing resources and mitigating them through network and host protections. You will review SELinux technology through understanding SELinux’s goals, how it has evolved including its features and limitations.

By attending SELinux Policy Administration workshop, delegates will gain

  • Hands-on experience in working with SELinux modes, virtualization, and container security. The core of the course is learning and understanding SELinux policy through, choosing, managing, and studying policy examples. Once you have an understanding of the SELinux policy the course will cover writing policy modules. The course is capped with multiple discussions on case studies that explore building SELinux policies. This course covers one of the major challenge faced by administering SELinux, SELinux troubleshooting.

  • Knowledge of the 'Linux Fundamentals' and 'Enterprise Linux Systems Administration'

COURSE AGENDA

1

Computing Security & SELinux Overview

  • Security Threats
  • Network and host protection
  • Shortcomings of Traditional Unix Security
  • DAC vs. MAC
  • SELinux goals
  • SELinux evolution
  • SELinux features and limitations
  • SELinux contexts
  • Labels
  • Access decisions
  • Transition decisions: processes
  • SELinux example
2

Working With SELinux

  • SELinux modes
  • Gathering SELinux information
  • SELinux virtual filesystem
  • Core Commands and SELinux
  • SELinux management utilities
  • Context and file operations
  • Managing file context database
  • Managing contexts
  • Booleans
  • SELinux mount options
  • Virtualization security
  • Container security
  • Securing networked services
  • Managing port contexts
3

Policies

  • The SELinux policy
  • Choosing an SELinux policy
  • Policy layout
  • Examining policy
  • Managing policies
  • Targeted policy
  • Targeted policy example: Apache
  • Targeted policy example: other contexts
  • Minimum policy
  • MLS policy overview
  • MCS translation
  • Polyinstantiated directories
4

Users & Roles

  • Overview of roles
  • Roles
  • User Mappings
  • Kiosk User (xguest)
  • Controlling Application Execution
5

Troubleshooting SELinux

  • Access denied. Now what?
  • AVC denied examples
  • Incorrect file context
  • Permissive domains
  • Using audit2allow
6

Writing Policy Modules

  • SELinux policy tools
  • SELinux policy source
  • Reference policy source exploration
  • Process transitions
  • Object classes
  • Policy macros
  • Creating Booleans
  • Using Booleans in policies
  • Other policy commands
  • Writing policy modules

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting https://www.encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top
Notice
X