Exam objectives — Red Hat Certificate of Expertise in Server Hardening
The Red Hat® Certificate of Expertise in Server Hardening Exam (EX413) tests a candidate’s abilities to understand and apply standards-based best practices to secure Red Hat Enterprise Linux® systems against unauthorized access.
This guide provides information candidates may use in preparing to take the Red Hat Certificate of Expertise in Server Hardening Exam. Red Hat is not responsible for the content or accuracy of other guides, books, online resources, or any other information provided by organizations or individuals other than Red Hat. Red Hat reserves the right to change this document when appropriate. Candidates who have enrolled in upcoming classes or exams are advised to check this guide periodically for changes.
Prospective employers of people with the Red Hat Certificate of Expertise in Server Hardening should verify any and all claims by people claiming to hold this credential by requesting their certificate number and verifying it here.
Exam policies and procedures
Only Red Hat and Red Hat Certified Training Partners administer this exam. Prospective candidates should exercise due diligence when purchasing a seat in an exam from a provider other than Red Hat itself. They should verify that the provider is an authorized training partner in good standing.
Please notify firstname.lastname@example.org about organizations that purport to offer Red Hat exams, but who are not Red Hat Certified Training Partners.
Official scores for this exam come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 3 US business days.
Exam results are reported as section scores. Red Hat does not report performance on individual exam items, nor will it provide additional information upon request.
Preparation for the EX413 Red Hat Server Hardening Exam
Candidates must be a current Red Hat Certified Engineer (RHCE®) in order to take this exam.
Red Hat encourages all candidates for the Red Hat Certificate of Expertise in Server Hardening Exam to consider taking RH413 - Red Hat Server Hardening. Attendance in this class is not required, so you can choose to take just the exam.
While attending Red Hat classes can be an important part of preparation for this exam, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success.
Many books and other resources on system administration for Red Hat's products are available. Red Hat does not officially endorse any as preparation guides for its exam. Nevertheless, you may find additional reading deepens understanding and can prove helpful.
This exam is a performance-based evaluation of server hardening skills and knowledge. Candidates perform a number of systems administration tasks focused on securing servers against unauthorized access and are evaluated on whether they have met specific objective criteria. Performance-based testing means that candidates must perform tasks similar to what they perform on the job.
This exam consists of 1 section lasting 4 hours.
Study points for the exam
Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks:
- Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information.
- Verify package security and validity.
- Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes.
- Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files.
- Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files.
- Manage user account security and user password security.
- Manage system login security using pluggable authentication modules (PAM).
- Configure console security by disabling features that allow systems to be rebooted or powered off using bootloader passwords.
- Configure system-wide acceptable use notifications.
- Install, configure, and manage identity management services and configure identity management clients.
- Configure remote system logging services, configure system logging, and manage system log files using mechanisms such as log rotation and compression.
- Configure system auditing services and review audit reports.
- Use network scanning tools to identify open network service ports and configure and troubleshoot system firewalling.
As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.