EX333
Retired - Red Hat Enterprise Security: Network Services Expertise exam
Overview
Exam description
Note: This exam and credential are no longer available.
The Red Hat® Enterprise Security: Network Services Expertise Exam is a performance-based exam that tests the skills covered in the Red Hat Enterprise Security: Network Services (RHS333) course. To enroll in this exam, candidates must hold a current Red Hat Certified Engineer (RHCE®) certification.
Audience for this exam
- Experienced RHCE Linux ®system administrators responsible for the overall security of their systems and networked services
- Experienced RHCE Linux system administrators tasked with security on other operating systems but who now want to perform those tasks on a Red Hat Enterprise Linux system
- An RHCE interested in earning RHCA certification
Prerequisites for this exam
Exam candidates must:
- Hold a current RHCE certification at the time the exam is taken.
- Have Red Hat Enterprise Security: Network Services (RHS333) or equivalent experience.
- Understand that real-world system administration experience is also an important aspect of preparation for the exam.
Objectives
Study points for the exam
Candidates should be able to perform the tasks listed below:
- Centralized authentication security
-
- Configure an NIS server to provide directory services
- Configure Kerberos to provide user authentication
- Configure NFSv4 server
- Configure a network client to use NIS for directory information
- Configure a network client to use Kerberos for authentication
- Configure a network client to mount an NFSv4 export
- Configure r-clients (rlogin, rcp, etc.) and telnet to use Kerberos
- Network Services Security
-
- Use xinetd and TCP wrappers to restrict access to network services
- Configure Postfix and Sendmail to:
- Filter mail based on message characteristics
- Use TLS for secure communication
- Use the Real-time Blackhole List (RBL) via DNS
- Configure POP/IMAP to use SSL/TLS for secure communication
- Configure the following aspects of DNS:
- Master domain
- Slave domain
- Views
- Forwarders
- Blackhole lists (RBL)
- TSIG
- Use GPG tools to:
- Generate key pairs
- Sign documents
- Encrypt documents
- Decrypt documents
- Verify document signatures
- Configure a certificate authority (CA) and sign certificate requests
- Configure httpd to use an SSL certificate signed by a certifying authority
- Configure httpd to use passwords and/or network location to restrict access to content
- Configure FTP security to:
- Support FTP only users
- Implement host-based access restrictions
As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.
What you need to know
Preparation
Candidates must be an RHCE on a release that is considered current in order to take this exam.
Components of the exam
The Enterprise Security: Network Services Expertise Exam is organized into two sections:
- Centralized Authentication Security: 3.0 hours
- Network Service Security: 3.0 hours
In order to earn the Enterprise Security: Network Services Certificate of Expertise, one must earn a score of 70 or higher on each section.