AIX SECURITY IV : INTRUSION DETECTION & REPORTING (AU44)

Format

Classroom

Duration

3.0 Day(s)

Description

This course presents techniques for detecting intrusions and suggested procedures for responding to security incidents. These processes will be placed in the context of basic concepts and recommended methodologies for security planning and overall security management. The course will also introduce a methodology for evaluating the security of an AIX system. Finally, the course will describe standardized industry criteria for system security, with an emphasis on Common Criteria for Information Technology Security Evaluation (CC), and explain how AIX can be configured to support compliance with the CC Controlled Access Protection Profile (CAPP) and Evaluation Assurance Level 4 (EAL4) standards.

Audience

The course is intended for system administrators, technical support personnel, and other support personnel responsible for implementing security on systems using the AIX operating system.

Prerequisites

Students attending this course should be skilled in the following areas:

  • AIX system administration
  • TCP/IP configuration in an AIX environment
  • Host and network security mechanisms available with AIX
  • Security utilities that employ cryptographic technology

These skills can be obtained by attending the following courses:

  • AU14/Q1314 AIX 5L System Administration I: Implementation
  • AU07/Q1307 AIX 5L Configuring TCP/IP
  • AU41/Q1341 AIX Security I: Host-based Mechanisms
  • AU42/Q1342 AIX Security II: Intranet Mechanisms
  • AU43/Q1343 AIX Security III: Internet Mechanisms

Students who have not attended these courses should have equivalent knowledge and skills.

Objectives

After completing this course, you should be able to:

  • Explain and apply a methodology for security management
  • Use the IBM eServer Security Planner for guidance in developing an effective security policy

  • Identify intrusions on the host and network
  • Develop effective processes for responding to security incidents
  • Evaluate system and network security
  • Install an AIX system with the Controlled Access Protection Profile (CAPP) and Evaluation Assurance Level 4+ (EAL4+) option

Contents

Effective Security Planning and Management
Intrusion Detection
Incident Response
Host and Network Evaluation
Formal Security Evaluation
Summary and Open Source
