Exam Objectives – EX429

The Red Hat® Enterprise SELinux Policy Administration Expertise Exam (EX429) tests the ability of a Red Hat Certified Engineer (RHCE®) to modify parameters within the included SELinux policy in Red Hat Enterprise Linux® and to configure custom SELinux policies.

This guide provides information candidates may use in preparing to take the Red Hat Enterprise SELinux Policy Administration Expertise Exam. Red Hat is not responsible for the content or accuracy of other guides, books, online resources, or any other information provided by organizations or individuals other than Red Hat Global Learning Services. Red Hat reserves the right to change this guide when appropriate and candidates who have enrolled in forthcoming classes or exams are advised to check this guide periodically for changes.

Performance-based exams

This exam is a performance-based evaluation of system administration skills and knowledge. Candidates perform a number of routine system administration tasks and are evaluated on whether they have met specific objective criteria. Performance-based testing means that candidates must perform tasks similar to what they perform on the job.

Prospective employers of people with the Red Hat Enterprise Deployment and Systems Management Certificate of Expertise credential should verify any and all claims by people claiming to hold one of this credential by requesting their certificate number and verifying it using the Red Hat certification verification tool.

Authorized training partners

Only Red Hat and Red Hat Certified Training Partners offer this exam. Prospective candidates should exercise due diligence when purchasing a seat in an exam from a provider other than Red Hat itself. They should verify that the provider is, in fact, an authorized training partner in good standing. Please notify training@redhat.com about organizations that purport to offer Red Hat exams, but who are not Red Hat Certified Training Partners.

Official scores for this exam come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 5 US business days.

Exam results are reported as section scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request.

Preparation for the Red Hat Enterprise SELinux Policy Administration Expertise Exam

Red Hat encourages all candidates for the Red Hat Enterprise SELinux Policy Administration Expertise Exam to consider taking the Red Hat Enterprise SELinux Policy Administration (RHS429) training course. Attendance in this class is not required, so one can choose to take just the exam. Many successful candidates who have come to class already possessing substantial skills and knowledge have reported that the class made a positive difference for them.

While attending Red Hat classes can be an important part of one's preparation to take this exam, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success.

Many books and other resources on system administration for Red Hat's products are available. Red Hat does not officially endorse any as preparation guides for its exam. Nevertheless, you may find additional reading deepens understanding and can prove helpful.

Components of the exam

The SELinux Policy Administration Expertise Exam is organized into one section:

  • SELinux Policy Writing and Targeted Policy System Maintenance: 3.5 hours

In order to earn the SELinux Policy Administration Certificate of Expertise, one must earn a score of 210.

Study points for the exam

Prerequisite skills for the exam

Candidates must be an RHCE on a release that is considered current in order to take this exam.

SELinux policy administration

Candidates should be able to perform the tasks listed below:

SELinux policy writing

  • Specify an enforcement mode.
  • Specify a particular policy.
  • Update a system to use the latest SELinux packages.
  • Create and implement a custom policy module to support a given service, including:
    • Port bindings
    • File and directory access
    • Type transitions
    • Default file types
    • Booleans
    • Type Aliases
  • Modify an existing policy including:
    • Port bindings
    • File and directory access
    • Type transitions
    • Default file types
    • Booleans
    • Type Aliases
    • Backup/Restore a file system preserving SELinux attributes.

As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.

Red Hat course covering these skills

Red Hat Enterprise SELinux Policy Administration (RHS429)

Red Hat Enterprise SELinux Policy Administration provides a 4-day tutorial on SELinux and SELinux policy writing. The first day of the course provides a introduction to SELinux, how it operates within the Red Hat targeted policy, and the tools used to manipulate it. The remaining days of class focus on how policies are written, compiled, and debugged.