EX413 - Red Hat Certificate of Expertise in Server Hardening

notquitecertifiable

I saw this on the LinkedIn RHCE group -

"Red Hat Server Hardening (RH413): All-new Security course that replaces RHS423 and elements from RHS333; Course and exam expected to release end of July

Combined with: Red Hat Certificate of Expertise in Server Hardening (EX413): All-new Security exam expected to release end of July. "

First I've heard of it. Maybe I won't be doing the exams I thought I'd be for the RHCSS next year...

chanakyajupudi

What ! Why ! I was just getting there ! I am now under pressure to complete the RHCA this year. I dont like change !

notquitecertifiable

Red Hat | Certificationshas the new security cert, a hybrid storage cert and an OpenStack one. All showing as coming soon.

It'll be interesting to see if the new 413 replaces the LDAP exam in both RHCDS and RHCSS.

chanakyajupudi

But it really does not say when it is releasing and if it replaces any exam.

chanakyajupudi

I guess I have the 429 this month . And nothing will happen till November. I would definitely do the course though. Lets think about the cert ! I have done enough this year. And I have a lot planned too .

All my certs have been done this year. Came into some money. Thought I'd use it wisely !

brombulec

It'll be great new certificate ... but what about preparation materials? Will it cover RHEL6 or RHEL7?

--
Regards

chanakyajupudi

RHEL 6. Releasing only in November.

chanakyajupudi

Released !

Exam Blueprint :

Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks:

• Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information.
• Verify package security and validity.
• Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes.
• Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files.
• Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files.
• Manage user account security and user password security.
• Manage system login security using pluggable authentication modules (PAM).
• Configure console security by disabling features that allow systems to be rebooted or powered off using bootloader passwords.
• Configure system-wide acceptable use notifications.
• Install, configure, and manage identity management services and configure identity management clients.
• Configure remote system logging services, configure system logging, and manage system log files using mechanisms such as log rotation and compression.
• Configure system auditing services and review audit reports.
• Use network scanning tools to identify open network service ports and configure and troubleshoot system firewalling.
• Perform OpenSCAP scans against systems and interpret reports.

chanakyajupudi

Its very doable ! And to the point !

Bodanel

Many thks dude.

chanakyajupudi

Sure man !

I will be doing the course soon.

Will let you know the feedback !

Cheers

Expect

cool stuff.

notquitecertifiable

chanakyajupudi wrote: »

Released !

Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks:

Well it looks like they're starting to put the updated information out - Red Hat | Certification FAQs - Red Hat certification changes section

Expertise in Security: Network Services and Expertise in Directory Services and Authentication are both being slowly depreciated and retired. RHCA will use RHCVA in place of the directory services exam. So Chanakyajupudi already has that one covered It'll also use Server Hardening instead of RH333. Looks like the RHCSS will be changing a lot.

Makes me a little happy that I didn't get very far in to the RHCSS - the only exam I took is the one they're keeping! Looks like doing the EX413 makes the most sense as it seems to count in two streams still.

chanakyajupudi

I am done with the RHCSS. I would however do the course if it costs the same as the other RHCSS level papers. It cost about 400 $ for the course and exam. Lets see how they price the course.

brombulec

So it's clear now:

A Red Hat® Certified Security Specialist (RHCSS) is a Red Hat Certified Engineer (RHCE®) whose status is current and who has earned the following Red Hat Certificates of Expertise:

• Red Hat Certificate of Expertise in Security: Network Services or Red Hat Certificate of Expertise in Server Hardening
• Red Hat Certificate of Expertise in Directory Services and Authenticationor Red Hat Certificate of Expertise in Server Hardening
• Red Hat Certificate of Expertise in SELinux Policy Administration

Note: The Red Hat Certificate of Expertise in Server Hardening may be substituted for either the Red Hat Certificate of Expertise in Security: Network Services or Red Hat Certificate of Expertise in Directory Services and Authentication but not both.

IMHO the easiest path will be 429 + 423+ 413.

--
Regards

chanakyajupudi

Depends. 413 sounds and looks like it needs a great deal of work! 333 seems like a breeze when compared to the 413.

I am surprised they still have the SeLinux papers still there. Not a lot of the enterprise people are using it due to products like PowerBroker being there for the same reason and are a lot easier.

brombulec

They will promote SELinux - PowerBroker is a potential cost, PowerBrokerOpen is different solution.
I think that they withdraw 333 soon and replace it with 413.

--
Regards

chanakyajupudi

I am starting the course in November. Lets hope that goes well.

brombulec

I'll attend the course (RH413) in December and I'll try to pass exam (EX413) in January or February. But first other stuff (cluster, MCSE: SI, CCNA:Sec)

varelg

and $600 it is... kahm kahm...

UnixGuy

varelg wrote: »

and $600 it is... kahm kahm...

and the training is 3200$ ! Red Hat trainings are very expensive, and there is no material out there to cover the exam stuff, so I wonder how viable are these certs anyway

gbutler

Hi UnixGuy,

This exam covers basic stuff like securing Grub, Extended Attributes, PAM, Luks and Aide (along with these Identity Manager, Auditing and intro about CVE)

these are available on RHCE materials and you can refer redhat docs. This will much easier if you go through RHCE, RH333 and redhat Docs (Security materials)

imho this is the easiest of all and not that hard compared to rh333

UnixGuy

Thanks for sharing. I'm really keen on doing some certs in 2014, not sure what though

chanakyajupudi

I just signed up for the course. Starts on the 25th. Will post a review once I am done !

timme

I'm interested in writing this exam. I'm going to to the RHCE soon, but I'm starting to prep for this exam as well.

Does anyone know what the Intrusion Detection capabilities of Red Hat are. As far as I can see, it is a case of using rpm, but the objectives say install, so does anything else need to be installed?

Thanks,
Timme

chanakyajupudi

I will get hold of the student guide tomorrow and let you know what the point exactly means.

timme

chanakyajupudi wrote: »

I will get hold of the student guide tomorrow and let you know what the point exactly means.

Thanks, I appreciate it.

chanakyajupudi

Hi timme

It points to the use of aide and the configuration of the aide configuration to manage intrusion ( only metadata ).

Let me know if you have any other questions

Thanks

Chanakya

timme

chanakyajupudi wrote: »

Hi timme

It points to the use of aide and the configuration of the aide configuration to manage intrusion ( only metadata ).

Let me know if you have any other questions

Thanks

Chanakya

Thanks Chanakya.

altabay

Hi chanakyajupudi
What does it say about redhat dirrectoy server?

chanakyajupudi

Sure ! Anytime.