Course Description
Since its inception in the early 1990s, Linux has made increasing inroads into the production IT server environments of many organizations, often taking the place of legacy Unix and mainframe systems and proving to be a cost-effective alternative to Windows Server. The open source foundation of Linux offers many cost savings and flexibility benefits, but “The Penguins” also bring along some significant risks to the party. Linux, especially Ubuntu variants, has also emerged as the often-preferred workstation platform for vulnerability testing and forensics testing, making it an attractive option for cost-conscious Information Security and IT Audit professionals. In this pragmatic seminar, we will identify the important Unix/Linux security controls, best practices for secure configuration, and tools and techniques for auditing Linux and other Unix variants. Additionally, we will demonstrate methods to build inexpensive Linux-based IT audit workstations and self-booting Linux media.
Learning Objectives
- Understanding the architecture of Linux file systems
- Identifying and auditing Linux logical access control points
- Leveraging open source Linux software for IT audits
Course Outline
Introducing the Linux Software Architecture
- Overview of Linux variants and their positioning for server and workstation applications
- Understanding the architecture of Linux file systems
Identifying Linux Security Controls and How to Audit Them
- Identifying and auditing Linux logical access control points:
  - User accounts and groups
  - Password policies
  - Data access authorization and file security
  - TCP/IP applications
  - System integrity: root account controls, SETUID/SETGID program controls, file integrity monitoring, SELinux
  - Security event (audit) logs
- Evaluating Linux change control and patch management
- Learning simple Linux/Unix commands and associated scripting procedures to collect audit evidence from Linux systems
Building Linux-based IT Audit Workstations
- Leveraging Kali and other open source Linux software for IT audits
- Installing Linux system software and audit tools on different types of desktop and portable devices
- Creating self-booting Linux media
Sources of Additional Unix/Linux Information and Tools
Additional Information
Who Should Attend
- IT Auditors
- IT Control Professionals
- Information Security Professionals
- Operational Auditors
Learning Level
Intermediate
Delivery
Group-Live
Field
Auditing
Recommended Prerequisites
Planning and Conducting IT General Control Reviews (AA03) or equivalent training. A basic understanding of IT audit controls and terminology is assumed.
Session Duration
On Site: 1 day
CPE Credits: 8