Základní info
This exam is a performance-based evaluation of server hardening skills and knowledge. Candidates perform a number of systems administration tasks focused on securing servers against unauthorized access and are evaluated on whether they have met specific objective criteria. Performance-based testing means that candidates must perform tasks similar to what they perform on the job.
This exam consists of 1 section lasting 4 hours.
Audience
The following audiences may be interested in earning the Red Hat Certificate of Expertise in Server Hardening:
- System administrators responsible for standards-compliant security on Red Hat Enterprise Linux systems
- System administrators responsible for security on Red Hat Enterprise Linux systems or who wish to harden systems beyond default configurations
- RHCEs who wish to earn Red Hat Certified Architect (RHCA).
Study points for the exam
To help you prepare, review the exam objectives which highlights the task areas you can expect to see covered in the exam. Red Hat reserves the right to add, modify, and remove exam objectives. Such changes will be made public in advance. Candidates for the Red Hat Certificate of Expertise in Server Hardening should be able to perform the following tasks:
- Identify Red Hat Common Vulnerabilities and Exposures (CVEs) and Red Hat Security Advisories (RHSAs) and selectively update systems based on this information
- Verify package security and validity
- Identify and employ standards-based practices for configuring file system security, create and use encrypted file systems, tune file system features, and use specific mount options to restrict access to file system volumes
- Configure default permissions for users and use special file permissions, attributes, and access control lists (ACLs) to control access to files
- Install and use intrusion detection capabilities in Red Hat Enterprise Linux to monitor critical system files
- Manage user account security and user password security
- Manage system login security using pluggable authentication modules (PAM)
- Configure console security by disabling features that allow systems to be rebooted or powered off using bootloader passwords
- Configure system-wide acceptable use notifications
- Install, configure, and manage identity management services and configure identity management clients
- Configure remote system logging services, configure system logging, and manage system log files using mechanisms such as log rotation and compression
- Configure system auditing services and review audit reports
- Use network scanning tools to identify open network service ports and configure and troubleshoot system firewalling
- As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.
Scores and reporting
Official scores for exams come exclusively from Red Hat Certification Central. Red Hat does not authorize examiners or training partners to report results to candidates directly. Scores on the exam are usually reported within 3 U.S. business days. Exam results are reported as section scores. Red Hat does not report performance on individual items, nor will it provide additional information upon request.
Prerequisites
Recommended courses
RH413 - Red Hat Server Hardening
