As with any multiuser-networked operating system, a secure environment is essential to system stability. This Topic covers basic Linux security administration. The following three Objectives are included:
Candidates should know how to review system configuration to ensure host security in accordance with local security policies. This Objective includes how to configure TCP wrappers, find files with SUID/SGID bits set, verify packages, set or change user passwords and password aging information, and update binaries as recommended by CERT, BUGTRAQ, and/or the distribution's security alerts. Includes basic knowledge of ipchains and iptables. Weight: 4.
Candidates should know how to set up a basic level of host security. Tasks include syslog configuration, shadowed passwords, setup of a mail alias for root's mail, and turning of all network services not in use. Weight: 3.
An LPIC candidate should be able to configure user-level security. Tasks include limits on user logins, processes, and memory usage. Weight: 1.