EX413 - Red Hat Certificate of Expertise in Server Hardening

notquitecertifiablenotquitecertifiable Member Posts: 36 ■■■□□□□□□□
I saw this on the LinkedIn RHCE group -

"Red Hat Server Hardening (RH413): All-new Security course that replaces RHS423 and elements from RHS333; Course and exam expected to release end of July

Combined with: Red Hat Certificate of Expertise in Server Hardening (EX413): All-new Security exam expected to release end of July. "

First I've heard of it. Maybe I won't be doing the exams I thought I'd be for the RHCSS next year...
«1

Comments

  • chanakyajupudichanakyajupudi Member Posts: 712
    What ! Why ! I was just getting there ! I am now under pressure to complete the RHCA this year. I dont like change !
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • notquitecertifiablenotquitecertifiable Member Posts: 36 ■■■□□□□□□□
    Red Hat | Certificationshas the new security cert, a hybrid storage cert and an OpenStack one. All showing as coming soon.

    It'll be interesting to see if the new 413 replaces the LDAP exam in both RHCDS and RHCSS.
  • chanakyajupudichanakyajupudi Member Posts: 712
    But it really does not say when it is releasing and if it replaces any exam.
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • chanakyajupudichanakyajupudi Member Posts: 712
    I guess I have the 429 this month . And nothing will happen till November. I would definitely do the course though. Lets think about the cert ! I have done enough this year. And I have a lot planned too .

    All my certs have been done this year. Came into some money. Thought I'd use it wisely !
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • brombulecbrombulec Member Posts: 186 ■■■□□□□□□□
    It'll be great new certificate ... but what about preparation materials? Will it cover RHEL6 or RHEL7?

    --
    Regards
  • chanakyajupudichanakyajupudi Member Posts: 712
    RHEL 6. Releasing only in November.
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • chanakyajupudichanakyajupudi Member Posts: 712
    Released !

    Exam Blueprint :

    Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks:
    • Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information.
    • Verify package security and validity.
    • Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes.
    • Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files.
    • Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files.
    • Manage user account security and user password security.
    • Manage system login security using pluggable authentication modules (PAM).
    • Configure console security by disabling features that allow systems to be rebooted or powered off using bootloader passwords.
    • Configure system-wide acceptable use notifications.
    • Install, configure, and manage identity management services and configure identity management clients.
    • Configure remote system logging services, configure system logging, and manage system log files using mechanisms such as log rotation and compression.
    • Configure system auditing services and review audit reports.
    • Use network scanning tools to identify open network service ports and configure and troubleshoot system firewalling.
    • Perform OpenSCAP scans against systems and interpret reports.
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • chanakyajupudichanakyajupudi Member Posts: 712
    Its very doable ! And to the point !
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • BodanelBodanel Member Posts: 214 ■■■□□□□□□□
    Many thks dude.
  • chanakyajupudichanakyajupudi Member Posts: 712
    Sure man !

    I will be doing the course soon.

    Will let you know the feedback !

    Cheers
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • ExpectExpect Member Posts: 252 ■■■■□□□□□□
  • notquitecertifiablenotquitecertifiable Member Posts: 36 ■■■□□□□□□□
    Released !

    Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks:

    Well it looks like they're starting to put the updated information out - Red Hat | Certification FAQs - Red Hat certification changes section

    Expertise in Security: Network Services and Expertise in Directory Services and Authentication are both being slowly depreciated and retired. RHCA will use RHCVA in place of the directory services exam. So Chanakyajupudi already has that one covered ;) It'll also use Server Hardening instead of RH333. Looks like the RHCSS will be changing a lot.

    Makes me a little happy that I didn't get very far in to the RHCSS - the only exam I took is the one they're keeping! Looks like doing the EX413 makes the most sense as it seems to count in two streams still.
  • chanakyajupudichanakyajupudi Member Posts: 712
    I am done with the RHCSS. I would however do the course if it costs the same as the other RHCSS level papers. It cost about 400 $ for the course and exam. Lets see how they price the course.
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • brombulecbrombulec Member Posts: 186 ■■■□□□□□□□
    So it's clear now:
    A Red Hat® Certified Security Specialist (RHCSS) is a Red Hat Certified Engineer (RHCE®) whose status is current and who has earned the following Red Hat Certificates of Expertise:

    Note: The Red Hat Certificate of Expertise in Server Hardening may be substituted for either the Red Hat Certificate of Expertise in Security: Network Services or Red Hat Certificate of Expertise in Directory Services and Authentication but not both.


    IMHO the easiest path will be 429 + 423+ 413.

    --
    Regards
  • chanakyajupudichanakyajupudi Member Posts: 712
    Depends. 413 sounds and looks like it needs a great deal of work! 333 seems like a breeze when compared to the 413.

    I am surprised they still have the SeLinux papers still there. Not a lot of the enterprise people are using it due to products like PowerBroker being there for the same reason and are a lot easier.
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • brombulecbrombulec Member Posts: 186 ■■■□□□□□□□
    They will promote SELinux - PowerBroker is a potential cost, PowerBrokerOpen is different solution.
    I think that they withdraw 333 soon and replace it with 413.

    --
    Regards
  • chanakyajupudichanakyajupudi Member Posts: 712
    I am starting the course in November. Lets hope that goes well.
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • brombulecbrombulec Member Posts: 186 ■■■□□□□□□□
    I'll attend the course (RH413) in December and I'll try to pass exam (EX413) in January or February. But first other stuff (cluster, MCSE: SI, CCNA:Sec) :)
  • varelgvarelg Banned Posts: 790
    and $600 it is... kahm kahm...
  • UnixGuyUnixGuy Mod Posts: 4,570 Mod
    varelg wrote: »
    and $600 it is... kahm kahm...

    and the training is 3200$ ! Red Hat trainings are very expensive, and there is no material out there to cover the exam stuff, so I wonder how viable are these certs anyway
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • gbutlergbutler Member Posts: 24 ■■■□□□□□□□
    Hi UnixGuy,

    This exam covers basic stuff like securing Grub, Extended Attributes, PAM, Luks and Aide (along with these Identity Manager, Auditing and intro about CVE)

    these are available on RHCE materials and you can refer redhat docs. This will much easier if you go through RHCE, RH333 and redhat Docs (Security materials)

    imho this is the easiest of all and not that hard compared to rh333
    Achieved : GCIH, CEH
    Certification Goals :  ECCPT, OSCP, CISSP, CCNA CyberOps, CCIE, WIFU

  • UnixGuyUnixGuy Mod Posts: 4,570 Mod
    Thanks for sharing. I'm really keen on doing some certs in 2014, not sure what though :)
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • chanakyajupudichanakyajupudi Member Posts: 712
    I just signed up for the course. Starts on the 25th. Will post a review once I am done !
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • timmetimme Member Posts: 16 ■□□□□□□□□□
    I'm interested in writing this exam. I'm going to to the RHCE soon, but I'm starting to prep for this exam as well.

    Does anyone know what the Intrusion Detection capabilities of Red Hat are. As far as I can see, it is a case of using rpm, but the objectives say install, so does anything else need to be installed?

    Thanks,
    Timme
  • chanakyajupudichanakyajupudi Member Posts: 712
    I will get hold of the student guide tomorrow and let you know what the point exactly means.
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • timmetimme Member Posts: 16 ■□□□□□□□□□
    I will get hold of the student guide tomorrow and let you know what the point exactly means.

    Thanks, I appreciate it.
  • chanakyajupudichanakyajupudi Member Posts: 712
    Hi timme

    It points to the use of aide and the configuration of the aide configuration to manage intrusion ( only metadata ).

    Let me know if you have any other questions

    Thanks

    Chanakya
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • timmetimme Member Posts: 16 ■□□□□□□□□□
    Hi timme

    It points to the use of aide and the configuration of the aide configuration to manage intrusion ( only metadata ).

    Let me know if you have any other questions

    Thanks

    Chanakya

    Thanks Chanakya.
  • altabayaltabay Registered Users Posts: 1 ■□□□□□□□□□
    Hi chanakyajupudi
    What does it say about redhat dirrectoy server?
  • chanakyajupudichanakyajupudi Member Posts: 712
    Sure ! Anytime.
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


Sign In or Register to comment.