Format

Classroom

Duration

3.0 Day(s)

Description

This course provides the student with the second layer to securing AIX systems in an enterprise security environment (The first layer is provided in the course AU41/Q1341).
The course focus is on network based security mechanisms included with the basic AIX installation and bonus package CD-ROMs. The goal of many system and application administrators is to create uniform access to systems and/or applications without the end user being aware of where the application is running. Along this line, the course focuses on extending host-based mechanisms over the network so that user access to application and system resources is independent of the host supporting the user, wherever possible and permitted.
Exercises are developed to enhance student understanding of the inherent weaknesses of a networked environment so that network related risks to information systems security can be determined.

Audience

This course is targeted for system, application, and network administrators responsible for information system security.

Prerequisites

o AIX 5L Configuring TCP/IP (AU07/Q1307)
o AIX Security I: Host-based Mechanisms (AU41/Q1341)

Objectives

After completing this course, you should be able to:
o Identify the risks inherent in network communications.
o Implement user administration using the AIX LDAP filesets.
o Use iptrace and tcpdump to monitor IP packets arriving/departing to/from a host.
o Implement ACLs in an NFS environment.
o Describe the difference between AFS, DFS, and NFS.
o Enhance security audit configurations to include network events.

Contents

Inherent IP weaknesses
o Using iptrace, tcpdump, and syslog to monitor network events
o Adding network events to audit configuration
o Enabling/disabling standard IP protocols
o Strength/weakness of popular IP applications
o User administration in a network environment
o Access control in a network environment