Personalizing Security on the Solaris 10 Operating System

Students who can benefit from this course are security, system, and network administrators who are responsible for customizing security on Solaris 10 systems.

Upon completion of this course, students should be able to:

• Describe the security features of the Solaris 10 Operating System
• Configure the security features relevant to Solaris 10 system administrators
• Configure the security features relevant to Solaris 10 network administrators

• Describe Security Principles
• Describe the Need for a Security Policy
• Describe the Need to Securely Configure Systems
• Describe the Need for Auditing
• Describe the Need for Patching

• Describe Security Enhancements Relevant to System and Network Administrators

• Minimal Installation
• Software Installation Clusters (Meta Clusters)
• Loose Versus Strict Minimization
• Providing Consistent, Known Configuration for Installations

• Describe the Update Manager
• Signed Patches
• Verifying Signatures
• Specifying a Web Proxy

• Preforming Hardening
• Implementing the Solaris Security Toolkit (SST)

• Describe PRM
• Process Privileges
• Determine rights required by process
• Assign minimum rights to a process
• Debugging Privileges

• Access Control
• RBAC
• Implementing Password Strength, Syntax Checking, History and Aging Improvements

• Describe the Solaris Cryptographic Framework (SCF)
• List the Basic administration tools for SCF
• Use SCF with a Web Server
• Use SCF with a Java-based application
• Use SCF with a Sun Crypto Accelerator
• Using the SCF User-Level Commands Management

• Signed ELF Objects
• Implement the Basic Audit and Report Tool (BART) for File Integrity
• Describe Validated Execution

• Describe Using the SMF
• Describe the Concept of Least Privilege
• Describe Authorizations Limit Service Privileges
• Determine a Current Service s Privileges
• Configure a Service to use Reduced Privileges

• TCP Wrappers
• Implement the IPfilter Stateful Packet Filtering Firewall
• Kerberos
• Implementing the Solaris Secure Shell (SSH)
• Describe NFSv4

Implementing IPsec

• Describe IP Security
• Implement IPsec
• IPsecs position in the Solaris OS Cryptographic Framework
• Configuring IPsec
• Describe IKE
• Configure IKE
• Troubleshoot IPsec and IKE

• Describe Solaris Audit
• Configure Audit Policy
• Implement Solaris Audit
• Configure for Zones
• JASS Audit
• Review Audit Logs
• Learning from Audit Trails
• Tamper Proof Logging

• Describe Security Characteristics
• Describe the Global Zone
• When/How to use Zones
• Resource Management
• Zones and Auditing
• Zones and Network Security
• Patching Zones

How Security Components Work Together

• Describe how Security Components Work Together
• Describe how Technologies Interact
• Infrastructure Requirements

Related courses before

• SA-202-S10: System Administration for the Solaris 10 Operating System, Part 2 (SA-202-S10)
• SA-203-S10: Advanced System Administration for the Solaris 10 Operating System on x86 Based Systems (SA-203-S10)
• SA-300-S10: Network Administration for the Solaris 10 Operating System (SA-300-S10)
• SC-300: Administering Security on the Solaris Operating System (SC-300)

Related courses after

• SC-345: Solaris Operating System Network Intrusion Detection (SC-345)
• SC-360: Enterprise Security Using Kerberos and LDAP (SC-360)
• SC-410: Computer Security Forensics and System Recovery (SC-410)