Course Outline


  • Linux Foundation
  • Linux Foundation Training
  • Linux Foundation Certifications
  • Linux Foundation Digital Badges
  • Laboratory Exercises, Solutions and Resources
  • E-Learning Course: LFS216
  • Distribution Details
  • Labs
  • Security Basics

What is Security?

  • Assessment
  • Prevention
  • Detection
  • Reaction
  • Labs
  • Threats and Risk Assessment

Classes of Attackers

  • Types of Attacks
  • Trade Offs
  • Labs
  • Physical Access

Physical Security

  • Hardware Security
  • Understanding the Linux Boot Process
  • Labs
  • Logging

Logging Overview

  • Syslog Services
  • journald Services
  • The Linux Kernel Audit Daemon
  • Linux Firewall Logging
  • Log Reports
  • Labs
  • Auditing and Detection

Auditing Basics

  • Understanding an Attack Progression
  • Detecting an Attack
  • Intrusion Detection Systems
  • Labs
  • Application Security

Bugs and Tools

  • Tracking and Documenting Changes
  • Resource Access Control
  • Mitigation Techniques
  • Policy Based Access Control Frameworks
  • Real World Example
  • Labs
  • Kernel Vulnerabilities

Kernel and User Spaces

  • Bugs
  • Mitigating Kernel Vulnerabilities
  • Vulnerabilities Examples
  • Labs
  • Authentication

Encryption and Authentication

  • Passwords and PAM
  • Hardware Tokens
  • Biometric Authentication
  • Network and Centralized Authentication
  • Labs
  • Local System Security

Standard UNIX Permissions

  • Administrator Account
  • Advanced UNIX Permissions
  • Filesystem Integrity
  • Filesystem Quotas
  • Labs
  • Network Security

TCP/IP Protocols Review

  • Remote Trust Vectors
  • Remote Exploits
  • Labs
  • Network Services Security

Network Tools

  • Databases
  • Web Server
  • File Servers
  • Labs
  • Denial of Service

Network Basics

  • DoS Methods
  • Mitigation Techniques
  • Labs
  • Remote Access

Unencrypted Protocols

  • Accessing Windows Systems
  • SSH
  • Labs
  • Firewalling and Packet Filtering

Firewalling Basics

  • iptables
  • Netfilter Implementation
  • Netfilter rule management
  • Mitigate Brute Force Login Attempts
  • nft Concepts
  • Labs
  • Response and Mitigation


  • During an Incident
  • Handling Incident Aftermath
  • Labs
  • Compliance testing with OSCAP

Compliance Testing

  • SCAP Introduction
  • OpenSCAP
  • SCAP Workbench
  • Command Line Scan
  • Labs


To make the most of of this course, you should:

  • Have a solid understanding of core local system administration and networking concepts equivalent to that obtained from LFS301 Linux System Administration and LFS311 Linux Networking and Administration.
  • Be experienced with Linux (or more generally UNIX), especially at the command line level.


This course is for individuals already experienced in Linux system administration who want to improve their security posture. Before enrolling, you should have a solid understanding of core local system administration and networking concepts, and be experienced with Linux (or more generally UNIX), especially at the command line level.

Experience Level: Intermediate

  28 Hours

Related Courses

Linux for System Administrators (LFS301 retired)

  28 hours

Linux Performance Tuning (LFS426)

  28 hours

Fundamentals of Linux (LFS300)

  28 hours

Linux for Cloud Technicians (LFS303). Preparation for Linux Foundation Certified Cloud Technician (LFCT) with exam

  28 hours

Linux System Administration (LFS307). Preparation for Linux Foundation Certified System Administrator (LFCS) with exam.

  28 hours

Kubernetes for App Developers (LFD459)

  21 hours

Kubernetes Administration (LFS458)

  28 hours

Kubernetes Security Fundamentals (LFS460)

  28 hours

Linux for System Engineers (LFS311)

  28 hours

Linux Enterprise Automation (LFS430)

  28 hours

Open Source Virtualization (LFS462)

  28 hours

Advanced Boot Camp for Developers Infomatica PowerCenter 9.5.1

  28 hours

Installation and Configuration of Infomatica

  7 hours

Infomatica MFT

  70 hours

Developing Applications For Linux (LFD401)

  28 hours