LFS416: Linux Security

2,995.00  excl. VAT

Course Code: LFS416

Duration: 4 days;

Delivery dates: TBA;

Instructor: TBA;

Certificate: Yes, upon completion;

Location: TBA.



Security is always a concern, and with major security holes like Shellshock and Heartbleed being announced regularly, it’s more critical than ever to secure the data you are liable for. This course will walk you through the many risks and threats that exist, show you how to use best practices and other open-source tools to mitigate or counteract those threats, and teach you what you need to know to detect and recover from those attacks that do happen.


Any professional IT manager and administrator should benefit from this course. Software developers who need to improve their knowledge of security concepts and strategies will also find a great deal of information that applies to their responsibilities.

Course Materials

Authorized printed training materials from The Linux Foundation. As part of your registration, a printed copy of the course manual will be course manual will be provided. If you are attending in person the material will be available onsite on the day the class begins.


  • Have a solid understanding of core local system administration and networking concepts equivalent to that obtained from LFS301 Linux System Administration and LFS311 Linux Network Management.
  • Be experienced with Linux (or more generally UNIX), especially at the command line level.

Course Description

This advanced, completely hands-on course adopts a highly technical approach to cover important security techniques and tools. By providing visibility both into attack vectors and possible security holes, this course provides you a complete guide on how to mitigate security risks in any Linux environment. You’ll learn:

  • How to assess security risks in your enterprise Linux environment.
  • The best techniques and tools to increase security.
  • Server hardening
  • How to deploy and use monitoring and attack detection tools.
  • How to gain visibility into possible vulnerabilities.
  • The art and science of developing your Linux security policy and response strategy.
  • How to configure your systems for compliance with HIPAA, DISA STIG, etc.

This course is designed to work with a wide range of Linux distributions, so you will be able to apply these concepts regardless of your distro.

Course Outline

  • Introduction
    • Linux Foundation
    • Linux Foundation Training
    • Laboratory Exercises, Solutions and Resources
    • Distribution Details
    • Lab Setup
    • Registration
    • Labs
  • Security Basics
    • What is Security?
    • Assessment
    • Prevention
    • Detection
    • Reaction
    • Labs
  • Threats and Risk Assessment
    • Classes of Attackers
    • Types of Attacks
    • Trade Offs
    • Labs
  • Physical Access
    • Physical Security
    • Hardware Security
    • Understanding the Linux Boot Process
    • Labs
  • Logging
    • Logging Overview
    • Syslog Services
    • The Linux Kernel Audit Daemon
    • Linux Firewall Logging
    • Log Reports
    • Labs
  • Auditing and Detection
    • Auditing Basics
    • Understanding an Attack Progression
    • Detecting an Attack
    • Intrusion Detection Systems
    • Labs
  • Application Security
    • Bugs and Tools
    • Tracking and Documenting Changes
    • Resource Access Control
    • Mitigation Techniques
    • Policy Based Access Control Frameworks
    • Real World Example
    • Labs
  • Kernel Vulnerabilities
    • Kernel and User Spaces
    • Bugs
    • Mitigating Kernel Vulnerabilities
    • Vulnerabilities Examples
    • Labs
  • Authentication
    • Encryption and Authentication
    • Passwords and PAM
    • Hardware Tokens
    • Biometric Authentication
    • Network and Centralized Authentication
    • Labs
  • Local System Security
    • Standard UNIX Permissions
    • Administrator Account
    • Advanced UNIX Permissions
    • Filesystem Integrity
    • Filesystem Quotas
    • Labs
  • Network Security
    • TCP/IP Protocols Review
    • Remote Trust Vectors
    • Remote Exploits
    • Labs
  • Network Services Security
    • Network Tools
    • Databases
    • Web Server
    • File Servers
    • Labs
  • Denial of Service
    • Network Basics
    • DoS Methods
    • Mitigation Techniques
    • Labs
  • Remote Access
    • Unencrypted Protocols
    • Accessing Windows Systems
    • SSH
    • IPSEC VPNs
    • Labs
  • Firewalling and Packet Filtering
    • Firewalling Basics
    • iptables
    • Netfilter Implementation
    • Netfilter rule management
    • Mitigate Brute Force Login Attempts
    • Labs
  • Response and Mitigation
    • Preparation
    • During an Incident
    • Handling Incident Aftermath
    • Labs

Why train with The Linux Foundation

The Linux Foundation is the go-to source for training on virtually every aspect of Linux and many other open source technologies. Here are a few things that make The Linux Foundation the right choice for training:

  1. The Linux Foundation is the non-profit organization that hosts Linux and many other open source projects, employs Linux creator Linus Torvalds and hosts kernel.org (where all Linux kernel updates are released).
  2. Being so close to the kernel The Linux Foundation is constantly updating training to ensure that the most up-to-date information is being thought. Linux Foundation Training is unique in that all our training courses are designed to work on all major Linux distributions (including RedHat, Ubuntu and SUSE).
  3. The Linux Foundation does not sell any software or support services so there’s no hidden sales agenda in the training material. The only goal is to help students learn the material.
  4. When you train with The Linux Foundation, you’re learning from instructors who are comfortable across all major Linux distributions and can answer student questions regardless of the distribution you’re using for the class. You are truly learning from the experts.