Course Name: Red Hat Certified Specialist in Server Security and Hardening (RH413)


RedHat Server Hardening (RH413) aims to teach Linux system administrators how to setup and confgiure systems to comply with various securityrecommended practise or security policy audit requirements.



Managing Software Updates,


Working with filesystem options and features,


Usage of special permissions and ACLs,


Monitering filesystem and files changes,


Managing user authorization details,


Configuring PAM Authentication,


Boot sequence of RHEL6,


Configuring IdentityManagement,



Course Overview

The Red Hat Server Hardening course supplies methods and approaches for security policy and configuration requirements and options for user authentication, applying updates, system auditing and logging, file system integrity and other factors

Red Hat Server Hardening provides strategies for addressing specific policy and configuration concerns



Red Hat Server Hardening was very helpful for linux system administors, who going to manage the linux servers that people,


Needs technical guidance on how to enhance the security of Red Hat Enterprise Linux systems,


Responsible for implementing security policy requirements on Red Hat Enterprise Linux systems consistently and in a reproducible, scalable way.



TBasic knowledge in RedHat Operating Systems,


RedHat Certified System Administator or equivalent knowledge in 6,


Installing Linux Operating System and entry level commands called (touch,cat,cd,pwd,ls,history,vim,cp,mv),


Installing and removing Applications using (yum and rpm),


Service and Daemons Handling using chkconfig and service commands.

Topics In Red Hat Certified Specialist in Server Security and Hardening

What is redhat security response?,

What is redhat severity scoring?,

What is CVE and Errata?,

Various types of redhat software updates,

Package Backporting.

Validating package updates,

Applying package updates,

What is GPG Key in package management,

Examine the scripts of suspect packages before installing them.

Implementing filesystem encryption using LUKS,

Assign multiple password for single luks partion,

Backuping and restoring luks partion header informations,

providing encrypted password for the partion via the file.,

Securing filesystem using different types of mount options,

How to apply superblock mount options,

Applying extend file attributes,

Applying file attributes.

Usage of special permission concepts,

Special permission types,

Applying special permissions for files and drectories,

Review the effects of special permmisions on files and directories,

Auditing files with special permissions.

Setting default file permissions using umask,

How change the umask values as persistent,

Usage of ~/.bashrc,~/.bash_profile,

Managing Accesscontrollists,

Setting default file permissions using umask.

What is AIDE?,

How to install and confiure aide,

What is prelink?.

Managing password aging,

Tuning users defaults password expiry settings,

Auditing user accounts.

What is PAM?,

How its working?,

understanding pam configuration file syntax,

Usage of pam controls and pam types,

Understanding pam documentations,

Configuring password complexity using pam modules,

Limiting users resoruces via pam module,

Identifying users failed loggins and locking users account via pam module.

Boot sequence of RHEL 6,

What is Grub?,

Setting a bootloader and an os boot password in RHEL6,

Disable Control-Alt-Delete Key combination in text console,

Disable users list in users login screen in graphical console,

Disaply messages while users loggin in graphical console.

What is identity Management?,

How its identity management works,

Installing identity management,

Configuring identity management server,

Adding users and groups in identity management server,

configuring identity management clients.

Define identity management server users password expiration policy,

Limit client ssh user access,

Managing sudo on identity Management client systems.

What is log?,

How to collect logs from linux system using rsyslog,

Remote rsyslogging via encrypted tcp,

segregate logs in linux systems,

What is logrorate?,

Change log file roration freqency based on expected size.

What is Audit?,

Configuring audit,

Remote logging with audit,

Analyzing audit log messages,

Writing custom audit rules as persistent and temporary,

Removing audit rules,

Implement full terminal keystroke logging.

What is iptables?,

How iptables is working,

Configuring iptables in linux system,

Writing custom rules in iptables to deny or allow specific client request,

Troubleshooting iptables issues.

Practice and demonstrate knowledge and skills learned in Red Hat Server Hardening.


Linux system administrators should be able to recognize security vulnerabilities in linux system configurations and installed packages. Linux system administrators should be able to understand and respond to Common Vulnerabilities and Exposure (CVE) and Red Hat Security Advisory (RHSA) reports Linux system administrators should kept servers in more securely.