-
Products
JBoss Enterprise Middleware
Red Hat JBoss Fuse Developer Studio Portfolio Edition Web Framework Kit Application Platform Web Server Data Grid Portal Platform Red Hat JBoss A-MQ SOA Platform Business Rules Management System (BRMS) Data Services Platform Messaging JBoss Operations Network JBoss Community or JBoss enterprise -
Solutions
Migration Center
Migrate to Red Hat Enterprise Linux Migration Center Systems management Upgrading to Red Hat Enterprise Linux JBoss Enterprise Middleware IBM AIX to Red Hat Enterprise Linux HP-UX to Red Hat Enterprise Linux Solaris to Red Hat Enterprise Linux UNIX to Red Hat Enterprise Linux Start a conversation with Red Hat Migration services -
Training
Courses and training paths
Popular and new courses JBoss Middleware Administration curriculum Core System Administration curriculum JBoss Middleware Development curriculum Advanced System Administration curriculum Linux Development curriculum Cloud Computing and Virtualization curriculum Cloud Computing, Virtualization, and Storage curriculum
Expertise exam objectives: Red Hat Enterprise Security: Network Services
The Red Hat® Enterprise Security: Network Services Expertise Exam (EX333) tests the ability of a Red Hat Certified Engineer (RHCE®) to use host-based, user-based, and cryptographic security techniques to control access to standard network services. Only a current RHCE is eligible to take this exam.
This guide provides information candidates may use in preparing to take the Red Hat Enterprise Security: Network Services Expertise Exam. Red Hat is not responsible for the content or accuracy of other guides, books, online resources, or any other information provided by organizations or individuals other than Red Hat Global Learning Services. Red Hat reserves the right to change this guide when appropriate and candidates who have enrolled in forthcoming classes or exams are advised to check this guide periodically for changes.
Performance-based exams
This exam is a performance-based evaluation of system administration skills and knowledge. Candidates perform a number of routine system administration tasks and are evaluated on whether they have met specific objective criteria. Performance-based testing means that candidates must perform tasks similar to what they perform on the job.
Prospective employers of a candidate holding Red Hat Enterprise Security: Network Services Certificate of Expertise credential should verify any and all claims by people claiming to hold this credential by requesting their certificate number and verifying it using the Red Hat certification verification tool.
Authorized training partners
Only Red Hat and Red Hat Certified Training Partners offer this exam. Prospective candidates should exercise due diligence when purchasing a seat in an exam from a provider other than Red Hat itself. They should verify that the provider is, in fact, an authorized training partner in good standing. Please notify training@redhat.com about organizations that purport to offer Red Hat exams, but who are not Red Hat Certified Training Partners.
Official scores for this exam come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 5 US business days.
Exam results are reported as section scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request.
Preparation for the Red Hat Enterprise Security: Network Services Expertise Exam
Red Hat encourages all candidates for the Red Hat Enterprise Security: Network Services Expertise Exam (EX333) to consider taking the Red Hat Enterprise Security and Network Services (RHS333) training course. Attendance in this class is not required, so one can choose to take just the exam. Many successful candidates who have come to class already possessing substantial skills and knowledge have reported that the class made a positive difference for them.
While attending Red Hat classes can be an important part of one's preparation to take this exam, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success.
Many books and other resources on system administration for Red Hat's products are available. Red Hat does not officially endorse any as preparation guides for its exam. Nevertheless, you may find additional reading deepens understanding and can prove helpful.
Components of the exam
The Enterprise Security: Network Services Expertise Exam is organized into two sections:
-
Centralized Authentication Security: 3.0 hours
-
Network Service Security: 3.0 hours
In order to earn the Enterprise Security: Network Services Certificate of Expertise, one must earn a score of 70 or higher on each section.
Study points for the exam
Prerequisite skills for the exam
Candidates must be an RHCE on a release that is considered current in order to take this exam.
Enterprise security: Network services
Candidates should be able to perform the tasks listed below:
Centralized authentication security
-
Configure an NIS server to provide directory services.
-
Configure Kerberos to provide user authentication.
-
Configure NFSv4 server.
-
Configure a network client to use NIS for directory information.
-
Configure a network client to use Kerberos for authentication.
-
Configure a network client to mount an NFSv4 export.
-
Configure r-clients (rlogin, rcp, etc.) and telnet to use Kerberos.
Network Services Security
-
Use xinetd and TCP wrappers to restrict access to network services.
-
Configure Postfix and Sendmail to:
-
Filter mail based on message characteristics.
-
Use TLS for secure communication.
-
Use the Real-time Blackhole List (RBL) via DNS.
-
-
Configure POP/IMAP to use SSL/TLS for secure communication.
-
Configure the following aspects of DNS:
-
Master domain
-
Slave domain
-
Views
-
Forwarders
-
Blackhole lists (RBL)
-
TSIG
-
-
Use GPG tools to:
-
Generate key pairs.
-
Sign documents.
-
Encrypt documents.
-
Decrypt documents.
-
Verify document signatures.
-
Configure a certificate authority (CA) and sign certificate requests.
-
-
Configure httpd to use an SSL certificate signed by a certifying authority.
-
Configure httpd to use passwords and/or network location to restrict access to content.
-
Configure FTP security to:
-
Support FTP only users.
-
Implement host-based access restrictions.
-
As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.
Red Hat course covering these skills
Red Hat Enterprise Security and Network Services (RHS333)
The Red Hat Enterprise Security and Network Services course trains IT professionals with RHCE-level competency to understand, prevent, detect, and properly respond to sophisticated security threats aimed at enterprise systems. The course equips system administrators and security professionals with the skills and knowledge to harden computers against both internal and external attacks, providing in-depth analysis of the ever-changing threat models as they pertain to Red Hat Enterprise Linux®. This course builds on the security skills developed in other Red Hat training courses so that administrators can design and implement an adequate security profile for critical enterprise systems.
