Components of the exam
The Enterprise Security: Network Services Expertise Exam is organized into two sections:
Centralized Authentication Security: 3.0 hours
Network Service Security: 3.0 hours
and the objectives:
Centralized authentication security
Configure an NIS server to provide directory services.
Configure Kerberos to provide user authentication.
Configure NFSv4 server.
Configure a network client to use NIS for directory information.
Configure a network client to use Kerberos for authentication.
Configure a network client to mount an NFSv4 export.
Configure r-clients (rlogin, rcp, etc.) and telnet to use Kerberos.
Network Services Security
Use xinetd and TCP wrappers to restrict access to network services.
Configure Postfix and Sendmail to:
Filter mail based on message characteristics.
Use TLS for secure communication.
Use the Real-time Blackhole List (RBL) via DNS.
Configure POP/IMAP to use SSL/TLS for secure communication
Configure the following aspects of DNS:
Master domain
Slave domain
Views
Forwarders
Blackhole lists (RBL)
TSIG
Use GPG tools to:
Generate key pairs.
Sign documents.
Encrypt documents.
Decrypt documents.
Verify document signatures.
Configure a certificate authority (CA) and sign certificate requests
Configure httpd to use an SSL certificate signed by a certifying authority.
Configure httpd to use passwords and/or network location to restrict access
to content.
Configure FTP security to:
Support FTP only users.
Implement host-based access restrictions.
No comments:
Post a Comment