Školení: SC-360
Enterprise Security Using Kerberos
Nejbližší termíny:
Kurz není v nejbližší době naplánován.
Kontaktujte nás a pokusíme se Vám vyjít vstříc.
Podrobnosti:
The Enterprise Security Using Kerberos course provides students with the knowledge and skills necessary to deploy Kerberos in the enterprise and to secure enterprise deployments of Lightweight Directory Access Protocol (LDAP).Students who can benefit from this course:System and Security Administrators who want to deploy Kerberos security and those who need secure authentication and encryption for NFS
Prerequisites:
- System Administration for the Solaris 10 Operating System, Part II (SA-202-S10)
- Read and edit system resource files
- Network Administration for the Solaris 10 Operating System (SA-300-S10)
- Configure the Network Interface layer
- Install, configure, and maintain a Solaris OS product line server
- Configure and manage network applications
- Configure the network (Internet and Transport layers)
Objectives:
- Understand Cryptography
- Use NTP
- Understand and implement Kerberos
- Administer Kerberos
- Implement Cross-Realm Authentication
- Integrate Kerberos Implementations
- Understand and Integrate LDAP
- Configure LDAP security
Topics:
Introducing Cryptography
- Describe common terms and techniques used in cryptography
- Understand the role and usage of cryptography in securing computer networks
- Discuss the architecture of the Secured Sockets Layer (SSH) protocol
Reviewing NTP
- Discuss the need for time synchronization in a networked environment
- Configure client system to synchronize time with a network server
- Deploy a Network Time Protocol (NTP) server which client systems can query
- Configure access restrictions on NTP clients and servers
Introducing Kerberos
- Discuss typical security and convenience limitations
- Describe the benefits afforded by the use of Kerberos in the enterprise
- Explain the conceptual operation of Kerberos
Examining Kerberos
- Describe the configuration files and applications that comprise Kerberos
- Discuss the Kerberos daemons needed on Kerberos server systems
- Describe the Kerberos applications used on Kerberos client systems
- Discuss the differences between master and slave Key Distribution Center (KDC)
Implementing Kerberos
- Deploy Kerberos master KDCs
- Configure slave Kerberos KDCs to provide redundancy and load-balancing
- Configure client systems to authenticate using Kerberos
Using Kerberos
- Describe the process which users authenticate as Kerberos principals
- Discuss the tools available to change passwords for Kerberos principals
- Explain how Kerberos principals can grant password-less accounts
Administering Kerberos
- Configure Kerberos keytabs
- Establish Kerberos principal password policies
- Configure PAM to provide Solaris users with single sign-on access
Implementing Cross-Realm Authentication
- Discuss reasons for using one Kerberos realm, or multiple Kerberos realms
- Describe the cross-realm authentication trust arrangements
- Configure direct and hierarchical cross-realm authentication relationships
Integrating Kerberos Implementations
- Discuss interoperability concerns between standards-compliant and nonstandard Kerberos implementations
- Describe Kerberos topologies used when integrating Microsoft Kerberos
- Configure Microsoft Kerberos as a hierarchical sub-realm
Reviewing LDAP
- Describe the structure of a Lightweight Directory Access Protocol
- Discuss common uses of LDAP
- Understand common LDAP terminology
Configuring LDAP Security
- Discuss methods of authenticating access to LDAP directories
- Describe tools used to secure LDAP transactions
- Describe tools used to secure access to specific entries within the LDAP directory
Integrating Kerberos and LDAP
- Contrast the benefits afforded by use of Kerberos with those of LDAP
- Describe methods in which Kerberos and LDAP can be used simultaneously
- Detail the security advantages and disadvantages of using LDAP with Kerberos
- Detail the security advantages and disadvantages using Kerberos on top of LDAP