Red Hat Certified Specialist in Security: Linux ( RH415)

The Red Hat Certified Specialist in Security: Linux exam validates your knowledge and abilities in securing Red Hat® Enterprise Linux®. By passing this exam, you become a Red Hat Certified Specialist: Linux, which also counts toward becoming a Red Hat Certified Architect (RHCA®). This exam is based on Red Hat Enterprise Linux version 7.5.
  • Objectives

    In preparation
    To help you study, review the following exam objectives that highlight the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance.

    Study points for the exam
    Use Red Hat Ansible® Engine
    Install Red Hat Ansible Engine on a control node.
    Configure managed nodes.
    Configure simple inventories.
    Perform basic management of systems.
    Run a provided playbook against specified nodes.
    Configure intrusion detection
    Install AIDE.
    Configure AIDE to monitor critical system files.
    Configure encrypted storage
    Encrypt and decrypt block devices using LUKS.
    Configure encrypted storage persistence using NBDE.
    Change encrypted storage passphrases.
    Restrict USB devices
    Install USBGuard.
    Write device policy rules with specific criteria to manage devices.
    Manage administrative policy and daemon configuration.
    Manage system login security using pluggable authentication modules (PAMs)
    Configure password quality requirements.
    Configure failed login policy.
    Modify PAM configuration files and parameters.
    Configure system auditing
    Write rules to log auditable events.
    Enable prepackaged rules.
    Produce audit reports.
    Configure SELinux
    Enable SELinux on a host running a simple application.
    Interpret SELinux violations and determine remedial action.
    Restrict user activity with SELinux user mappings.
    Analyze and correct existing SELinux configurations.
    Enforce security compliance
    Install OpenSCAP and Workbench.
    Use OpenSCAP and Red Hat Insights to scan hosts for security compliance.
    Use OpenSCAP Workbench to tailor policy.
    Use OpenSCAP Workbench to scan an individual host for security compliance.
    Use Red Hat Satellite server to implement an OpenSCAP policy.
    Apply OpenSCAP remediation scripts to hosts.
    As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.

  • What You Need To Know

    Course overview
    Maintaining security of computing systems is a process of managing risk through the implementation of processes and standards backed by technologies and tools. In this course, you will learn about resources that can be used to help you implement and comply with your security requirements.

    Course content summary
    Manage compliance with OpenSCAP.
    Enable SELinux on a server from a disabled state, perform basic analysis of the system policy, and mitigate risk with advanced SELinux techniques.
    Proactively identify and resolve issues with Red Hat Insights.
    Monitor activity and changes on a server with Linux Audit and AIDE.
    Protect data from compromise with USBGuard and storage encryption.
    Manage authentication controls with PAM.
    Manually apply provided Ansible Playbooks to automate mitigation of security and compliance issues.
    Scale OpenSCAP and Red Hat Insights management with Red Hat Satellite and Red Hat Ansible Tower.

  • Audience & Prerequisites

    Audience for this exam
    These audiences may be interested in becoming a Red Hat Certified Specialist in Security: Linux:

    System administrators responsible for managing large enterprise environments
    System administrators responsible for securing their organization’s infrastructure
    Red Hat Certified Engineers interested in pursuing the Red Hat Certified Architect (RHCA) credential
    Prerequisites for this exam
    Be a Red Hat Certified System Administrator or have comparable work experience and skills (Red Hat Certified Engineer would be even better)
    Review the Red Hat Certified Specialist in Security: Linux exam objectives or have comparable work experience using Red Hat OpenStack Platform.

  • Training

    The best way to learn is to do
    We recommend this course to help you prepare to earn a Red Hat Certified Specialist in Security: Linux credential:

    Red Hat Security: Linux in Physical, Virtual, and Cloud (RH415)