SELinux (Security-Enhanced Linux) is an additional security layer for Linux and is standard on Enterprise Linux variants such as Red Hat Enterprise Linux, AlmaLinux, Rocky Linux, and Oracle Linux.
For many administrators, SELinux can be a challenging security measure to implement and is often wrongly disabled. With increased cyber threats, actively using SELinux is recommended and is often required by organizational security policies.
This course explains the basic concepts of SELinux and discusses how SELinux can be correctly configured and used in standard, daily practice. To be able to solve SELinux-related problems, the course also delves into investigating SELinux log information and teaches, through practical exercises, how to resolve issues.
In addition to active measures such as using SELinux, the detection of potentially malicious changes is becoming increasingly important. Changes to Linux and application configurations can be monitored using the Linux Audit Daemon (auditd). Through practical exercises, the course focuses on how these changes can be recorded in Linux Audit Daemon log files and explains how this complex log information can be read and interpreted. Since SELinux also uses the Linux Audit Daemon, this course will help in better understanding detailed SELinux log information.