Contact us


Retired - Red Hat Enterprise Security: Network Services Expertise exam


Exam description

Note: This exam and credential are no longer available.

The Red Hat® Enterprise Security: Network Services Expertise Exam is a performance-based exam that tests the skills covered in the Red Hat Enterprise Security: Network Services (RHS333) course. To enroll in this exam, candidates must hold a current Red Hat Certified Engineer (RHCE®) certification.

Audience for this exam

  • Experienced RHCE Linux ®system administrators responsible for the overall security of their systems and networked services
  • Experienced RHCE Linux system administrators tasked with security on other operating systems but who now want to perform those tasks on a Red Hat Enterprise Linux system
  • An RHCE interested in earning RHCA certification

Prerequisites for this exam

Exam candidates must:

  • Hold a current RHCE certification at the time the exam is taken.
  • Have Red Hat Enterprise Security: Network Services (RHS333) or equivalent experience.
  • Understand that real-world system administration experience is also an important aspect of preparation for the exam.


Study points for the exam

Candidates should be able to perform the tasks listed below:

Centralized authentication security
  • Configure an NIS server to provide directory services
  • Configure Kerberos to provide user authentication
  • Configure NFSv4 server
  • Configure a network client to use NIS for directory information
  • Configure a network client to use Kerberos for authentication
  • Configure a network client to mount an NFSv4 export
  • Configure r-clients (rlogin, rcp, etc.) and telnet to use Kerberos
Network Services Security
  • Use xinetd and TCP wrappers to restrict access to network services
  • Configure Postfix and Sendmail to:
    • Filter mail based on message characteristics
    • Use TLS for secure communication
    • Use the Real-time Blackhole List (RBL) via DNS
  • Configure POP/IMAP to use SSL/TLS for secure communication
  • Configure the following aspects of DNS:
    • Master domain
    • Slave domain
    • Views
    • Forwarders
    • Blackhole lists (RBL)
    • TSIG
  • Use GPG tools to:
    • Generate key pairs
    • Sign documents
    • Encrypt documents
    • Decrypt documents
    • Verify document signatures
  • Configure a certificate authority (CA) and sign certificate requests
  • Configure httpd to use an SSL certificate signed by a certifying authority
  • Configure httpd to use passwords and/or network location to restrict access to content
  • Configure FTP security to:
    • Support FTP only users
    • Implement host-based access restrictions

As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.

What you need to know


Candidates must be an RHCE on a release that is considered current in order to take this exam.

Components of the exam

The Enterprise Security: Network Services Expertise Exam is organized into two sections:

Centralized Authentication Security: 3.0 hours
Network Service Security: 3.0 hours

In order to earn the Enterprise Security: Network Services Certificate of Expertise, one must earn a score of 70 or higher on each section.

Red Hat logoLinkedInYouTubeFacebookTwitter



Try, buy, & sell


About Red Hat

We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Subscribe to our newsletter, Red Hat Shares

Sign up now

Select a language