دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
دانلود کتاب Red Hat Enterprise Linux 8 Security hardening
دانلود کتاب Red Hat Enterprise Linux 8 Security Hardening
مشخصات کتاب
Red Hat Enterprise Linux 8 Security hardening
ویرایش:
نویسندگان: Red Hat. Inc.
سری:
ناشر: Red Hat, Inc.
سال نشر: 2020
تعداد صفحات: 106
زبان: English
فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود)
حجم فایل: 970 کیلوبایت
قیمت کتاب (تومان) : 38,000
در صورت تبدیل فایل کتاب Red Hat Enterprise Linux 8 Security hardening به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب Red Hat Enterprise Linux 8 Security Hardening نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
توضیحاتی درمورد کتاب به خارجی
فهرست مطالب
Table of Contents PROVIDING FEEDBACK ON RED HAT DOCUMENTATION CHAPTER 1. OVERVIEW OF SECURITY HARDENING IN RHEL 1.1. WHAT IS COMPUTER SECURITY? 1.2. STANDARDIZING SECURITY 1.3. CRYPTOGRAPHIC SOFTWARE AND CERTIFICATIONS 1.4. SECURITY CONTROLS 1.4.1. Physical controls 1.4.2. Technical controls 1.4.3. Administrative controls 1.5. VULNERABILITY ASSESSMENT 1.5.1. Defining assessment and testing 1.5.2. Establishing a methodology for vulnerability assessment 1.5.3. Vulnerability assessment tools 1.6. SECURITY THREATS 1.6.1. Threats to network security 1.6.2. Threats to server security 1.6.3. Threats to workstation and home PC security 1.7. COMMON EXPLOITS AND ATTACKS CHAPTER 2. SECURING RHEL DURING INSTALLATION 2.1. BIOS AND UEFI SECURITY 2.1.1. BIOS passwords 2.1.1.1. Non-BIOS-based systems security 2.2. DISK PARTITIONING 2.3. RESTRICTING NETWORK CONNECTIVITY DURING THE INSTALLATION PROCESS 2.4. INSTALLING THE MINIMUM AMOUNT OF PACKAGES REQUIRED 2.5. POST-INSTALLATION PROCEDURES CHAPTER 3. USING SYSTEM-WIDE CRYPTOGRAPHIC POLICIES 3.1. SYSTEM-WIDE CRYPTOGRAPHIC POLICIES Tool for managing crypto policies Strong crypto defaults by removing insecure cipher suites and protocols Cipher suites and protocols disabled in all policy levels Cipher suites and protocols enabled in the crypto-policies levels 3.2. SWITCHING THE SYSTEM-WIDE CRYPTOGRAPHIC POLICY TO MODE COMPATIBLE WITH EARLIER RELEASES 3.3. SWITCHING THE SYSTEM TO FIPS MODE 3.4. ENABLING FIPS MODE IN A CONTAINER 3.5. EXCLUDING AN APPLICATION FROM FOLLOWING SYSTEM-WIDE CRYPTO POLICIES 3.5.1. Examples of opting out of system-wide crypto policies 3.6. CUSTOMIZING SYSTEM-WIDE CRYPTOGRAPHIC POLICIES WITH POLICY MODIFIERS 3.7. CREATING AND SETTING A CUSTOM SYSTEM-WIDE CRYPTOGRAPHIC POLICY 3.8. RELATED INFORMATION CHAPTER 4. CONFIGURING APPLICATIONS TO USE CRYPTOGRAPHIC HARDWARE THROUGH PKCS #11 4.1. CRYPTOGRAPHIC HARDWARE SUPPORT THROUGH PKCS #11 4.2. USING SSH KEYS STORED ON A SMART CARD 4.3. USING HSMS PROTECTING PRIVATE KEYS IN APACHE AND NGINX 4.4. CONFIGURING APPLICATIONS TO AUTHENTICATE USING CERTIFICATES FROM SMART CARDS 4.5. RELATED INFORMATION CHAPTER 5. USING SHARED SYSTEM CERTIFICATES 5.1. THE SYSTEM-WIDE TRUST STORE 5.2. ADDING NEW CERTIFICATES 5.3. MANAGING TRUSTED SYSTEM CERTIFICATES 5.4. RELATED INFORMATION CHAPTER 6. SCANNING THE SYSTEM FOR CONFIGURATION COMPLIANCE AND VULNERABILITIES 6.1. CONFIGURATION COMPLIANCE TOOLS IN RHEL 6.2. VULNERABILITY SCANNING 6.2.1. Red Hat Security Advisories OVAL feed 6.2.2. Scanning the system for vulnerabilities 6.2.3. Scanning remote systems for vulnerabilities 6.3. CONFIGURATION COMPLIANCE SCANNING 6.3.1. Configuration compliance in RHEL 8 6.3.2. Possible results of an OpenSCAP scan 6.3.3. Viewing profiles for configuration compliance 6.3.4. Assessing configuration compliance with a specific baseline 6.4. REMEDIATING THE SYSTEM TO ALIGN WITH A SPECIFIC BASELINE 6.5. REMEDIATING THE SYSTEM TO ALIGN WITH A SPECIFIC BASELINE USING THE SSG ANSIBLE PLAYBOOK 6.6. CREATING A REMEDIATION ANSIBLE PLAYBOOK TO ALIGN THE SYSTEM WITH A SPECIFIC BASELINE 6.7. CREATING A REMEDIATION BASH SCRIPT FOR A LATER APPLICATION 6.8. SCANNING THE SYSTEM WITH A CUSTOMIZED PROFILE USING SCAP WORKBENCH 6.8.1. Using SCAP Workbench to scan and remediate the system 6.8.2. Customizing a security profile with SCAP Workbench 6.8.3. Related information 6.9. DEPLOYING SYSTEMS THAT ARE COMPLIANT WITH A SECURITY PROFILE IMMEDIATELY AFTER AN INSTALLATION 6.9.1. Deploying baseline-compliant RHEL systems using the graphical installation 6.9.2. Deploying baseline-compliant RHEL systems using Kickstart 6.10. SCANNING CONTAINER AND CONTAINER IMAGES FOR VULNERABILITIES 6.11. ASSESSING SECURITY COMPLIANCE OF A CONTAINER OR A CONTAINER IMAGE WITH A SPECIFIC BASELINE 6.12. SUPPORTED VERSIONS OF THE SCAP SECURITY GUIDE IN RHEL 6.13. RELATED INFORMATION CHAPTER 7. CHECKING INTEGRITY WITH AIDE 7.1. INSTALLING AIDE 7.2. PERFORMING INTEGRITY CHECKS WITH AIDE 7.3. UPDATING AN AIDE DATABASE 7.4. RELATED INFORMATION CHAPTER 8. ENCRYPTING BLOCK DEVICES USING LUKS 8.1. LUKS DISK ENCRYPTION 8.2. LUKS VERSIONS IN RHEL 8 8.3. OPTIONS FOR DATA PROTECTION DURING LUKS2 RE-ENCRYPTION 8.4. ENCRYPTING EXISTING DATA ON A BLOCK DEVICE USING LUKS2 8.5. ENCRYPTING EXISTING DATA ON A BLOCK DEVICE USING LUKS2 WITH A DETACHED HEADER 8.6. ENCRYPTING A BLANK BLOCK DEVICE USING LUKS2 CHAPTER 9. CONFIGURING AUTOMATED UNLOCKING OF ENCRYPTED VOLUMES USING POLICY-BASED DECRYPTION 9.1. NETWORK-BOUND DISK ENCRYPTION 9.2. INSTALLING AN ENCRYPTION CLIENT - CLEVIS 9.3. DEPLOYING A TANG SERVER WITH SELINUX IN ENFORCING MODE 9.4. ROTATING TANG SERVER KEYS AND UPDATING BINDINGS ON CLIENTS 9.5. DEPLOYING AN ENCRYPTION CLIENT FOR AN NBDE SYSTEM WITH TANG 9.6. REMOVING A CLEVIS PIN FROM A LUKS-ENCRYPTED VOLUME MANUALLY 9.7. DEPLOYING AN ENCRYPTION CLIENT WITH A TPM 2.0 POLICY 9.8. CONFIGURING MANUAL ENROLLMENT OF LUKS-ENCRYPTED VOLUMES 9.9. CONFIGURING AUTOMATED ENROLLMENT OF LUKS-ENCRYPTED VOLUMES USING KICKSTART 9.10. CONFIGURING AUTOMATED UNLOCKING OF A LUKS-ENCRYPTED REMOVABLE STORAGE DEVICE 9.11. DEPLOYING HIGH-AVAILABILITY NBDE SYSTEMS 9.11.1. High-available NBDE using Shamir’s Secret Sharing 9.11.1.1. Example 1: Redundancy with two Tang servers 9.11.1.2. Example 2: Shared secret on a Tang server and a TPM device 9.12. DEPLOYMENT OF VIRTUAL MACHINES IN A NBDE NETWORK 9.13. BUILDING AUTOMATICALLY-ENROLLABLE VM IMAGES FOR CLOUD ENVIRONMENTS USING NBDE 9.14. ADDITIONAL RESOURCES CHAPTER 10. AUDITING THE SYSTEM 10.1. LINUX AUDIT 10.2. AUDIT SYSTEM ARCHITECTURE 10.3. CONFIGURING AUDITD FOR A SECURE ENVIRONMENT 10.4. STARTING AND CONTROLLING AUDITD 10.5. UNDERSTANDING AUDIT LOG FILES 10.6. USING AUDITCTL FOR DEFINING AND EXECUTING AUDIT RULES 10.7. DEFINING PERSISTENT AUDIT RULES 10.8. USING PRE-CONFIGURED RULES FILES 10.9. USING AUGENRULES TO DEFINE PERSISTENT RULES 10.10. DISABLING AUGENRULES 10.11. RELATED INFORMATION CHAPTER 11. CONFIGURING AND MANAGING APPLICATION WHITELISTS 11.1. APPLICATION WHITELISTING IN RHEL 11.2. DEPLOYING APPLICATION WHITELISTING 11.3. ADDING CUSTOM RULES FOR APPLICATION WHITELISTING 11.4. TROUBLESHOOTING RHEL APPLICATION WHITELISTING 11.5. ADDITIONAL RESOURCES CHAPTER 12. PROTECTING SYSTEMS AGAINST INTRUSIVE USB DEVICES 12.1. USBGUARD 12.2. INSTALLING USBGUARD 12.3. BLOCKING AND AUTHORIZING A USB DEVICE USING CLI 12.4. CREATING A CUSTOM POLICY FOR USB DEVICES 12.5. AUTHORIZING USERS AND GROUPS TO USE THE USBGUARD IPC INTERFACE 12.6. LOGGING USBGUARD AUTHORIZATION EVENTS TO THE LINUX AUDIT LOG 12.7. ADDITIONAL RESOURCES
نظرات کاربران
کتاب های تصادفی
دانلود کتاب This Thing Called Theory
دانلود کتاب Forensic analysis of biological evidence : a Laboratory guide for serological and DNA typing
دانلود کتاب Rethinking the Femme Fatale in Film Noir: Ready for Her Close-Up
دانلود کتاب The Beginner's Guide to Photographing Birds: Essential Techniques for Hobbyists and Bird Lovers
