Study points for the exam To help you prepare, review the exam objectives which highlights the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks: Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information Verify package security and validity Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files Install a * The following audiences may be interested in earning the Red Hat Certificate of Expertise in Server Hardening: System administrators responsible for standards-compliant security on Red Hat Enterprise Linux systems System administrators responsible for security on Red Hat Enterprise Linux systems or who wish to harden systems beyond default configurations RHCEs who wish to ea> Red Hat Certified Architect (RHCA). Study points for the exam To help you prepare, review the exam objectives which highlights the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks: Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information Verify package security and validity Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files Manage user account security and user password security Manage system login security using pluggable authentication modules (PAM) Configure console security by disabling features that allow systems to be rebooted or powered off using bootloader passwords Configure system-wide acceptable use notifications Install, configure, and manage identity management services and configure identity management clients Configure remote system logging services, configure system logging, and manage system log files using mechanisms such as log rotation and compression Configure system auditing services and review audit reports Use network scanning tools to identify open network service ports and configure and troubleshoot system firewalling As with all Red Hat performance-based exams, configurations must persist after reboot without intervention. Scores and reporting Official scores for exams come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 3 U.S. business days. Exam results are reported as section scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request. Prerequisites Be a Red Hat Certified System Administrator (RHCSA) or have comparable wor ...

Study points for the exam To help you prepare, review the exam objectives which highlights the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks: Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information Verify package security and validity Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files Install a * The following audiences may be interested in earning the Red Hat Certificate of Expertise in Server Hardening: System administrators responsible for standards-compliant security on Red Hat Enterprise Linux systems System administrators responsible for security on Red Hat Enterprise Linux systems or who wish to harden systems beyond default configurations RHCEs who wish to ea> Red Hat Certified Architect (RHCA). Study points for the exam To help you prepare, review the exam objectives which highlights the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks: Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information Verify package security and validity Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files Manage user account security and user password security Manage system login security using pluggable authentication modules (PAM) Configure console security by disabling features that allow systems to be rebooted or powered off using bootloader passwords Configure system-wide acceptable use notifications Install, configure, and manage identity management services and configure identity management clients Configure remote system logging services, configure system logging, and manage system log files using mechanisms such as log rotation and compression Configure system auditing services and review audit reports Use network scanning tools to identify open network service ports and configure and troubleshoot system firewalling As with all Red Hat performance-based exams, configurations must persist after reboot without intervention. Scores and reporting Official scores for exams come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 3 U.S. business days. Exam results are reported as section scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request. Prerequisites Be a Red Hat Certified System Administrator (RHCSA) or have comparable wor ...

Study points for the exam Use Red Hat Ansible ® Engine Install Red Hat Ansible Engine on a control node. Configure managed nodes. Configure simple inventories. Perform basic management of systems. Run a provided playbook against specified nodes. Configure intrusion detection Install AIDE. Configure AIDE to monitor critical system files. Configure encrypted storage Encrypt and decrypt block devices using LUKS. Configure encrypted storage persistence using NBDE. Change encrypted storage passphrases. Restrict USB devices Install USBGuard. Write device policy rules with specific criteria to manage devices. Manage administrative policy and daemon configuration. Manage system login security using pluggable authentication modules (PAMs) Configure password quality requirements. Configure failed login polic * for this exam These audiences may be interested in becoming a Red Hat Certified Specialist in Security: Linux: System administrators responsible for managing large enterprise environments System administrators responsible for securing their organization s infrastructure Red Hat Certified Engineers interested in pursuing the Red Hat Certified Architect (RHCA) credential Prerequisites for this exam Be a Red Hat Certified System Administrator or have comparable work experience and skills (Red Hat Certified Engineer would be even better) Review the Red Hat Certified Specialist in Security: Linux exam objectives or have comparable work experience using Red Hat OpenStack Platform. Study points for the exam Use Red Hat Ansible ® Engine Install Red Hat Ansible Engine on a control node. Configure managed nodes. Configure simple inventories. Perform basic management of systems. Run a provided playbook against specified nodes. Configure intrusion detection Install AIDE. Configure AIDE to monitor critical system files. Configure encrypted storage Encrypt and decrypt block devices using LUKS. Configure encrypted storage persistence using NBDE. Change encrypted storage passphrases. Restrict USB devices Install USBGuard. Write device policy rules with specific criteria to manage devices. Manage administrative policy and daemon configuration. Manage system login security using pluggable authentication modules (PAMs) Configure password quality requirements. Configure failed login policy. Modify PAM configuration files and parameters. Configure system auditing Write rules to log auditable events. Enable prepackaged rules. Produce audit reports. Configure SELinux Enable SELinux on a host running a simple application. Interpret SELinux violations and determine remedial action. Restrict user activity with SELinux user mappings. Analyze and correct existing SELinux configurations. Enforce security compliance Install OpenSCAP and Workbench. Use OpenSCAP and Red Hat Insights to scan hosts for security compliance. Use OpenSCAP Workbench to tailor policy. Use OpenSCAP Workbench to scan an individual host for security compliance. Use Red Hat Satellite server to implement an OpenSCAP policy. Apply OpenSCAP remediation scripts to hosts. As with all Red Hat performance-based exams, configurations must persist after reboot without intervention. Prerequisites Be a Red Hat Certified System Administrator or have comparable work experience and skills (Red Hat Certified Engineer would be even better) Review the Red Hat Certified Specialist in Security: Linux e ...

Study points for the exam To help you prepare, review the exam objectives which highlights the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks: Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information Verify package security and validity Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files Install a * The following audiences may be interested in earning the Red Hat Certificate of Expertise in Server Hardening: System administrators responsible for standards-compliant security on Red Hat Enterprise Linux systems System administrators responsible for security on Red Hat Enterprise Linux systems or who wish to harden systems beyond default configurations RHCEs who wish to ea> Red Hat Certified Architect (RHCA). Study points for the exam To help you prepare, review the exam objectives which highlights the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks: Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information Verify package security and validity Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files Manage user account security and user password security Manage system login security using pluggable authentication modules (PAM) Configure console security by disabling features that allow systems to be rebooted or powered off using bootloader passwords Configure system-wide acceptable use notifications Install, configure, and manage identity management services and configure identity management clients Configure remote system logging services, configure system logging, and manage system log files using mechanisms such as log rotation and compression Configure system auditing services and review audit reports Use network scanning tools to identify open network service ports and configure and troubleshoot system firewalling As with all Red Hat performance-based exams, configurations must persist after reboot without intervention. Scores and reporting Official scores for exams come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 3 U.S. business days. Exam results are reported as section scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request. Prerequisites Be a Red Hat Certified System Administrator (RHCSA) or have comparable wor ...

Study points for the exam Use Red Hat Ansible ® Engine Install Red Hat Ansible Engine on a control node. Configure managed nodes. Configure simple inventories. Perform basic management of systems. Run a provided playbook against specified nodes. Configure intrusion detection Install AIDE. Configure AIDE to monitor critical system files. Configure encrypted storage Encrypt and decrypt block devices using LUKS. Configure encrypted storage persistence using NBDE. Change encrypted storage passphrases. Restrict USB devices Install USBGuard. Write device policy rules with specific criteria to manage devices. Manage administrative policy and daemon configuration. Manage system login security using pluggable authentication modules (PAMs) Configure password quality requirements. Configure failed login polic * for this exam These audiences may be interested in becoming a Red Hat Certified Specialist in Security: Linux: System administrators responsible for managing large enterprise environments System administrators responsible for securing their organization s infrastructure Red Hat Certified Engineers interested in pursuing the Red Hat Certified Architect (RHCA) credential Prerequisites for this exam Be a Red Hat Certified System Administrator or have comparable work experience and skills (Red Hat Certified Engineer would be even better) Review the Red Hat Certified Specialist in Security: Linux exam objectives or have comparable work experience using Red Hat OpenStack Platform. Study points for the exam Use Red Hat Ansible ® Engine Install Red Hat Ansible Engine on a control node. Configure managed nodes. Configure simple inventories. Perform basic management of systems. Run a provided playbook against specified nodes. Configure intrusion detection Install AIDE. Configure AIDE to monitor critical system files. Configure encrypted storage Encrypt and decrypt block devices using LUKS. Configure encrypted storage persistence using NBDE. Change encrypted storage passphrases. Restrict USB devices Install USBGuard. Write device policy rules with specific criteria to manage devices. Manage administrative policy and daemon configuration. Manage system login security using pluggable authentication modules (PAMs) Configure password quality requirements. Configure failed login policy. Modify PAM configuration files and parameters. Configure system auditing Write rules to log auditable events. Enable prepackaged rules. Produce audit reports. Configure SELinux Enable SELinux on a host running a simple application. Interpret SELinux violations and determine remedial action. Restrict user activity with SELinux user mappings. Analyze and correct existing SELinux configurations. Enforce security compliance Install OpenSCAP and Workbench. Use OpenSCAP and Red Hat Insights to scan hosts for security compliance. Use OpenSCAP Workbench to tailor policy. Use OpenSCAP Workbench to scan an individual host for security compliance. Use Red Hat Satellite server to implement an OpenSCAP policy. Apply OpenSCAP remediation scripts to hosts. As with all Red Hat performance-based exams, configurations must persist after reboot without intervention. Prerequisites Be a Red Hat Certified System Administrator or have comparable work experience and skills (Red Hat Certified Engineer would be even better) Review the Red Hat Certified Specialist in Security: Linux e ...