Linux Essentials for Cybersecurity

✍ Scribed by Rothwell, William J


Publisher: Pearson IT Certification
Year: 2018
Tongue: English
Leaves: 1966
Category: Library


✦ Synopsis


ALL YOU NEED TO KNOW TO SECURE LINUX SYSTEMS, NETWORKS, APPLICATIONS, AND DATA–IN ONE BOOK
From the basics to advanced techniques: no Linux security experience necessary
Realistic examples & step-by-step activities: practice hands-on without costly equipment
The perfect introduction to Linux-based security for all students and IT professionals

Linux distributions are widely used to support mission-critical applications and manage crucial data. But safeguarding modern Linux systems is complex, and many Linux books have inadequate or outdated security coverage.
Linux Essentials for Cybersecurity is your complete solution. Leading Linux certification and security experts William "Bo" Rothwell and Dr. Denise Kinsey introduce Linux with the primary goal of enforcing and troubleshooting security. Their practical approach will help you protect systems, even if one or more layers are penetrated.
First, you'll learn how to install Linux to achieve optimal security upfront, even if you have no Linux experience. Next, you'll master best practices for securely administering accounts, devices, services, processes, data, and networks. Then, you'll master powerful tools and automated scripting techniques for footprinting, penetration testing, threat detection, logging, auditing, software management, and more.
To help you earn certification and demonstrate skills, this guide covers many key topics on CompTIA Linux+ and LPIC-1 exams. Everything is organized clearly and logically for easy understanding, effective classroom use, and rapid on-the-job training.
LEARN HOW TO:
Review Linux operating system components from the standpoint of security
Master key commands, tools, and skills for securing Linux systems
Troubleshoot common Linux security problems, one step at a time
Protect user and group accounts with Pluggable Authentication Modules (PAM), SELinux, passwords, and policies
Safeguard files and directories with permissions and attributes
Create, manage, and protect storage devices: both local and networked
Automate system security 24/7 by writing and scheduling scripts
Maintain network services, encrypt network connections, and secure network-accessible processes
Examine which processes are running, and which may represent a threat
Use system logs to pinpoint potential vulnerabilities
Keep Linux up-to-date with Red Hat or Debian software management tools
Modify boot processes to harden security
Master advanced techniques for gathering system information

✦ Table of Contents


Machine generated contents note:
ch. 1 Distributions and Key Components --
Introducing Linux --
Linux Distributions --
Shells --
GUI Software --
Installing Linux --
Which Distro? --
Native or Virtual Machine? --
Installing a Distro --
Summary --
Key Terms --
Review Questions --
ch. 2 Working on the Command Line --
File Management --
The Linux Filesystem --
Command Execution --
The pwd Command --
The cd Command --
The ls Command --
File Globbing --
The file Command --
The less Command --
The head Command --
The tail Command --
The mkdir Command --
The cp Command --
The mv Command --
The rm Command --
The rmdir Command --
The touch Command --
Shell Features --
Shell Variables --
echo --
set --
unset --
The PS1 Variable --
The PATH Variable --
Environment Variables --
env --
Initialization Files --
Alias --
Command History --
History Variables --
The .bash_history File --
Redirecting Input and Output --
Piping --
Subcommands --
Advanced Commands --
The find Command --
Regular Expressions --
The grep Command --
The sed Command --
Compression Commands --
The tar Command --
The gzip Command --
The gunzip Command --
The bzip2 Command --
The xz Command --
Summary --
Key Terms --
Review Questions --
ch. 3 Getting Help --
Man Pages --
Man Page Components --
Man Page Sections --
Man Page Locations --
Command Help Options --
The help Command --
The info Command --
The /usr/share/doc Directory --
Internet Resources --
Summary --
Key Terms --
Review Questions --
ch. 4 Editing Files --
The vi Editor --
What Is vim? --
Essential vi Commands --
Use Basic vi Modes --
Entering the Insert Mode --
Movement Commands --
Repeater Modifiers --
Undoing --
Copying, Deleting, and Pasting --
Finding Text --
Find and Replace --
Saving and Quitting --
Expand Your vi Knowledge --
Additional Editors --
Emacs --
gedit and kwrite --
nano and joe --
lime and bluefish --
Summary --
Key Terms --
Review Questions --
ch. 5 When Things Go Wrong --
The Science of Troubleshooting --
Step 1: Gathering Information --
Step 2: Determine the Likely Cause --
Step 3: Document Your Plan of Attack (POA) --
Step 4: Perform the Actions --
Steps 5 and 6: Is the Problem Solved? --
Step 7: Are There Other Problems? --
Step 8: Store the Documentation --
Step 9: Prevent Future Problems --
Notifying Users --
Pre- and Post-login Messages --
The /etc/issue File --
The /etc/issue.net File --
Additional Pre-login Messages --
The /etc/motd File --
Broadcasting Messages --
The wall Command --
The shutdown Command --
Summary --
Review Questions --
ch. 6 Managing Group Accounts --
What Are Groups Used For? --
Primary versus Secondary Groups --
The /etc/group File --
Special Groups --
User Private Groups --
The /etc/gshadow File --
Managing Groups --
Creating Groups --
Modifying Groups --
Deleting Groups --
Adding Users to Groups --
Group Administrators --
Summary --
Key Terms --
Review Questions --
ch. 7 Managing User Accounts --
The Importance of User Accounts --
User Account Information --
The /etc/passwd File --
Special Users --
The /etc/shadow File --
Managing Users --
Creating Users --
Setting the Account Password --
Using Defaults --
Using Skel Directories --
Modifying Users --
Managing GECOS --
Deleting Users --
Restricted Shell Accounts --
Network-Based User Accounts --
Using su and sudo --
Restricting User Accounts --
PAM Categories --
PAM Control Values --
PAM Modules --
Using PAM to Alter the Password Policy --
Summary --
Key Terms --
Review Questions --
ch. 8 Develop an Account Security Policy --
Introducing Kali Linux --
Security Principles --
Creating a Security Policy --
Securing Accounts --
Physical Security --
Educating Users --
Account Security --
User Account Names --
Users with No Password --
Preventing a User from Changing a Password --
Application Accounts --
Enabling Process Accounting --
Avoiding Commands Being Run as the Superuser --
Security Tools --
The john and Johnny Tools --
The hydra tool --
Summary --
Review Questions --
ch. 9 File Permissions --
Standard Permissions --
Viewing Permissions --
Files Versus Directories --
Changing Permissions --
Default Permissions --
Special Permissions --
SUID --
SGID --
Sticky Bit --
Access Control Lists (ACLs) --
The mask Value --
Default ACLs --
Changing Ownership --
chown --
chgrp --
File Attributes --
Introduction to SELinux --
Users Create Security Holes --
Daemon Processes Create Security Holes --
SELinux Essentials --
Security Context --
SELinux Conclusion --
Summary --
Key Terms --
Review Questions --
ch. 10 Manage Local Storage: Essentials --
Filesystem Essentials --
Partitions --
Filesystems --
Why So Many Partitions/Filesystems? --
Which Partitions/Filesystems Should Be Created? --
Filesystem Types --
Managing Partitions --
MBR --
GPT --
Creating MBR Partitions --
Creating MBR Partitions --
Creating Filesystems --
Ext-Based Filesystem Tools --
fsck --
dumpe2fs --
tune2fs --
debugfs --
Xfs-Based Filesystem Tools --
xfsdump and xfsrestore --
xfs_info --
xfs_check and xfs_repair --
Additional Filesystem Tools --
du --
df --
Mounting Filesystems --
The umount Command --
The mount Command --
Mounting Filesystems Manually --
Problems Unmounting Filesystems --
Mounting Filesystems Automatically --
Device Descriptors --
Mount Options --
Mounting Removable Media --
Swap Space --
Creating Swap Devices --
Summary --
Key Terms --
Review Questions --
ch. 11 Manage Local Storage: Advanced Features --
Encrypted Filesystems --
Managing autofs --
Logical Volume Manager --
Logical Volume Manager Concepts --
Advantages of LVM on a System with a Single Drive --
LVM Essentials --
Extents --
Logical Volumes --
Device Naming --
Using Logical Volumes and Additional LVM Commands --
Displaying LVM Information --
Additional LVM Commands --
Resizing Logical Volumes --
LVM Snapshots --
Disk Quotas --
Setting Up a Disk Quota for a Filesystem --
Editing, Checking, and Generating User Quota Reports --
quotaon --
edquota --
quota --
repquota --
Hard and Soft Links --
Why Use Links? --
Creating Links --
Displaying Linked Files --
Summary --
Key Terms --
Review Questions --
ch. 12 Manage Network Storage --
Samba --
SAMBA Configuration --
The [global] Section --
The [homes] Section --
The [printers] Section --
Custom Shares --
SAMBA Server --
SAMBA Accounts --
Mapping Local Accounts --
Accessing SAMBA Servers --
Mounting SAMBA Shares --
Network File System --
Configuring an NFS Server --
The /etc/exports File --
User ID Mapping --
NFS Server Processes --
Understanding portmap --
NFS Server Commands --
Configuring an NFS Client --
iSCSI --
Target Configuration --
Initiator Configuration --
Summary --
Key Terms --
Review Questions --
ch. 13 Develop a Storage Security Policy --
Developing the Plan --
Backing Up Data --
Creating a Backup Strategy --
What Needs to Be Backed Up? --
How Often? --
Full or Incremental? --
Where Will the Backup Be Stored? --
What Backup Tool Will Be Used? --
Standard Backup Utilities --
The dd Command --
The tar Command --
The rsync Command --
Third-party Backup Utilities --
Amanda --
Bacula --
Summary --
Key Terms --
Review Questions --
ch. 14 crontab and at --
Using crontab --
Configure User Access to the cron Service --
/etc/crontab --
/etc/anacrontab --
Using at --
atq --
atrm --
Configure User Access to at Services --
Summary --
Key Terms --
Review Questions --
ch. 15 Scripting --
Linux Programming --
BASH Shell Scripting --
Perl Scripting --
Python Scripting --
Basics of BASH Scripting --
Conditional Expressions --
Integer Comparisons --
File Test Comparisons --
Flow Control Statements --
The while Loop --
The for Loop --
Loop Control --
The case Statement --
User Interaction --
Using Command Substitution --
Additional Information --
Summary --
Key Terms --
Review Questions --
ch. 16 Common Automation Tasks --
Exploring Scripts that Already Exist on Your System --
The /etc/cron. Directories --
logrotate --
man-db.cron --
mlocate --
Repositories --
Creating Your Own Automation Scripts --
Summary --
Key Terms --
Review Questions --
ch. 17 Develop an Automation Security Policy --
Securing crontab and at --
Securing BASH Scripts --
Access to Scripts --
Script Contents --
Dealing with Data --
Shell Settings --
Shell Style --
Summary --
Review Questions --
ch. 18 Networking Basics --
Network Terminology --
IPv4 Versus IPv6 --
IPv4 Addresses --
Determining a Network Address from an IP Address and Subnet --
Private IP Addresses --
Common Protocol Suites --
Network Ports --
Summary --
Key Terms --
Review Questions --
ch. 19 Network Configuration --
Ethernet Network Interfaces --
Displaying Ethernet Port Configurations --
Changing Ethernet Port Settings --
Network Configuration Tools --
The arp Command --
The route Command --
The ip Command --
The hostname Command --
The host Command --
The dig Command --
The netstat Command --
Persistent Network Configurations --
The /etc/hostname File (Universal) --
The /etc/hosts File (Universal) --
The /etc/resolv.conf File (Universal) --
The /etc/nsswitch.conf File (Universal) --
The /etc/sysctl.conf File (Universal) --
The /etc/sysconfig/network File (Red Hat) --
The /etc/sysconfig/network-scripts/ifcfg-interface-name Files (Red Hat) --
The /etc/network/interfaces File (Debian) --
Network Troubleshooting Commands --
The ping Command --
The traceroute Command --
The netcat Command --
Access to Wireless Networks --
The iwconfig Command --
The iwlist Command --
Summary --
Key Terms --
Review Questions --
ch. 20 Network Service Configuration: Essential Services --
DNS Servers --
Essential Terms --
How Name Resolution Works --
Basic BIND Configuration --
The /etc/named.conf File --
The allow-query Setting --
Additional /etc/named.conf Settings --
Zone Files --
Zone File Basics --
Zone File Entries in the /etc/named.conf File --
Zone File Syntax --
Zone Record Types --
The SOA Record Type --
The Address Record Type --
The Canonical Name Type --
The Name Server Record Type --
The Mail eXchange Record Type --
The Pointer Record Type --
Putting It All Together --
Slave BIND Servers --
Testing the DNS Server --
The dig Command --
Securing BIND --
Sending BIND to Jail --
Creating the chroot Directory and Files --
Configuring named to Start in the Jail --
Split BIND Configuration --
Transaction Signatures --
The dnssec-keygen Command --
The dnssec-signzone Command --
DHCP Server --
DHCP Configuration Basics --
The ddns-update-style and ignore client-updates Directives --
The subnet Directive --
Configuring Static Hosts --
DHCP Log Files --
Email Servers --
SMTP Basics --
Configuring Postfix --
Postfix Configuration File --
Important Postfix Settings --
Aliases --
Postfix Virtual Domains --
Managing Local Email Delivery --
procmail Basics --
procmail Rules --
procmail Examples --
mbox and Maildir Formats --
Remote Email Delivery --
IMAP and POP Essentials --
The Dovecot Server --
Summary --
Key Terms --
Review Questions --
ch. 21 Network Service Configuration: Web Services --
Apache Web Server --
Basic Apache Web Server Configuration --
Starting the Apache Web Server --
Apache Web Server Log Files --
Enable Scripting --
Apache Web Server Security --
Essential Settings --
User Authentication --
Virtual Hosts --
Configuring IP-Based Virtual Hosts --
Configuring Name-Based Virtual Hosts --
HTTPS --
SSL Essentials --
SSL Issues --
Self-Signing --
SSL and Apache --
SSL Server Certificate --
Apache SSL Directives --
Proxy Servers --
Tunneling Proxy --
Forward Proxy --
Reverse Proxy --
Squid Basics --
Squid Access Rules --
Built-In ACLs --
Understanding the Squid Rules --
Nginx Configuration --
Client Configuration --
Summary --
Key Terms --
Review Questions --
ch. 22 Connecting to Remote Systems --
LDAP --
Key LDAP Terms --
The slapd.conf File --
Customizing Your LDAP Domain --
Configuring Logging --
Configuring the Database Directory --
Starting the LDAP Server --
OpenLDAP Objects --
OpenLDAP Schemas --
OpenLDAP Database Changes --
Using the ldapdelete Command --
Using the ldapsearch Command --
Using the ldappasswd Command --
Connecting to an LDAP Server --
FTP Servers --
Configuring vsftpd --
Anonymous FTP --
Limiting User Accounts --
Additional Settings --
Connecting to an FTP server --
Active versus Passive Mode --
Secure Shell --
Configuring the Secure Shell Server --
Basic Configuration Settings --
Settings That Affect User Access --
Secure Shell Client Commands --
The ssh_config File --
The ssh Command --
The scp and sftp Commands --
Advanced SSH Features --
Summary --
Key Terms --
Review Questions --
ch. 23 Develop a Network Security Policy --
Kernel Parameters --
The /etc/sysctl.conf File --
Ignoring ping Requests --
Ignoring Broadcast Requests --
Enabling TCP SYN Protection --
Disabling IP Source Routing --
TCP Wrappers --
Network Time Protocol --
Setting the System Clock Manually --
Setting the System Time Zone Manually --
Setting the System Date Using NTP --
Summary --
Key Terms --
Review Questions --
ch. 24 Process Control --
Viewing Processes --
The ps Command --
The pgrep Command --
The top Command --
The uptime Command --
The free Command --
Running Processes --
Pausing and Restarting Processes --
Killing Processes --
The kill Command --
The pkill Command --
The killall Command --
The xkill Command --
The nohup Command --
Process Priority --
The nice Command --
The renice Command --
Summary --
Key Terms --
Review Questions --
ch. 25 System Logging --
Syslog --
The syslogd Daemon --
The /var/log Directory --
The /etc/syslog.conf File --
The /etc/rsyslog.conf File --
Creating Your Own /etc/syslog.conf Entry --
Adding an Entry --
Using the logger Command --
The logrotate Command --
The /etc/logrotate.conf File --
The journalctl Command --
The /etc/systemd/journald.conf file --
Summary --
Key Terms --
Review Questions --
ch. 26 Red Hat-Based Software Management --
Red Hat Packages --
How to Obtain Packages --
The /var/lib/rpm Directory --
Using the rpm Command --
Listing rpm Information --
Viewing Package Dependencies --
Package Listing Tricks --
Installing Packages with rpm --
Before You Install That Package... --
Removing Packages with rpm --
rpm2cpio --
The yum Command --
Repositories --
Accessing a Repo --
Creating a Repo --
Using the yum Command --
Displaying Package Information with yum --
Software Groups --
Installing Software with yum --
Removing Software with yum --
Using yum Plug-Ins --
Additional Tools --
Summary --
Key Terms --
Review Questions --
ch. 27 Debian-Based Software Management --
Managing Packages with dpkg --
Listing Package Information with dpkg --
Installing Software with dpkg --
Reconfiguring Software with dpkg --
Extracting Files from a Debian Package --
Removing Packages with the dpkg Command --
Managing Packages with APT --
APT Repositories --
Creating a Source Repository --
Listing Package Information with APT Commands --
Installing Packages with APT Commands --
Removing Packages with APT Commands --
Additional APT Features --
Summary --
Key Terms --
Review Questions --
ch. 28 System Booting --
Phases of the Boot Process --
The BIOS/UEFI Phase --
The Bootloader Phase --
The Kernel Phase --
The Post-Kernel Phase --
GRUB --
Legacy GRUB Configuration --
Changing Legacy GRUB During Boot --
Booting to Single-User Mode in Legacy GRUB --
Securing Legacy GRUB --
GRUB 2 Configuration --
Saving GRUB 2 Changes --
GRUB 2 Titles --
Booting to Single-User Mode in GRUB 2 --
Securing GRUB 2 --
Kernel Components --
Kernel Documentation --
Tweaking the Kernel --
Kernel Images --
Kernel Modules --
Module Files --
Listing Modules That Are Loaded --
Loading Modules into Memory --
Unloading Modules from Memory --
Listing Module Information --
The /proc/sys Filesystem --
The init Phase --
Configuring Systemd --
Using Service Units --
Using Target Units --
Summary --
Key Terms --
Review Questions --
ch. 29 Develop a Software Management Security Policy --
Ensuring Software Security --
Keep Packages Up to Date --
Consider Removing Unnecessary Packages --
Ensure You Install from Trusted Sources --
CVE --
Distribution-Specific Security Alerts --
xinetd --
Summary --
Key Terms --
Review Questions --
ch. 30 Footprinting --
Understanding Footprinting --
Common Footprinting Tools --
The nmap Command --
The netstat Command --
The lsof Command --
The nc Command --
The tcpdump Command --
Additional Utilities --
Kali Linux Utilities --
Essential Information Gathering --
DNS Analysis Tools --
Host Identification Tools --
OSINT Tools --
Route Analysis Tools --
Summary --
Key Terms --
Review Questions --
ch. 31 Firewalls --
Introduction to Firewalls --
Essentials of the iptables Command --
Overview of Filtering Packets --
Important Terms --
Using iptables to Filter Incoming Packets --
Filtering by Protocol --
Multiple Criteria --
Filtering Based on Destination --
Changing the Default Policy --
Revisiting the Original Rules --
Saving the Rules --
Using iptables to Filter Outgoing Packets --
Implementing NAT --
Summary --
Key Terms --
Review Questions --
ch. 32 Intrusion Detection --
Introduction to Intrusion Detection Tools --
Determining If a Security Breach Has Occurred --
Taking Action --
Intrusion Detection Network Tools --
The netstat Command --
The nmap Command --
The tcpdump Command --
Intrusion Detection File Tools --
Modifying the /etc/passwd and /etc/shadow Files to Create a Backdoor --
Creating an SUID Program to Create a Backdoor --
Incorporating File-Change Tools in the Intrusion Detection Plan --
Additional Intrusion Detection Tools --
Summary --
Key Terms --
Review Questions --
ch. 33 Additional Security Tasks --
The fail2ban Service --
OpenVPN --
Configuring the Certificate Authority --
Generating the VPN Server Certificate --
Generating the VPN Client Certificate --
Setting Up the Basic Server --
Setting Up the Basic Client --
gpg --
Security Alert Services --
Summary --
Key Terms --
Review Questions.


📜 SIMILAR VOLUMES


Linux Essentials for Cybersecurity
✍ William Rothwell; Denise Kinsey πŸ“‚ Library πŸ“… 2018 πŸ› Pearson It Certification 🌐 English

Linux distributions are widely used by technical professionals to support mission-critical applications and manage crucial data. But safeguarding Linux systems can be complex, and many guides to Linux usage and certification provide only superficial coverage of security. Linux Essentials for Cyberse

Linux Essentials for Cybersecurity
✍ William Rothwell; Denise Kinsey πŸ“‚ Library πŸ“… 2018 πŸ› Pearson Education 🌐 English

ALL YOU NEED TO KNOW TO SECURE LINUX SYSTEMS, NETWORKS, APPLICATIONS, AND DATA–IN ONE BOOK From the basics to advanced techniques: no Linux security experience necessary Realistic examples & step-by-step activities: practice hands-on without costly equipment The perfect introduction to Li

Linux Essentials for Cybersecurity (for
✍ William “Bo” Rothwell; Denise Kinsey 📂 Library 📅 2019 🏛 Pearson Education 🌐 English

ALL YOU NEED TO KNOW TO SECURE LINUX SYSTEMS, NETWORKS, APPLICATIONS, AND DATA–IN ONE BOOK From the basics to advanced techniques: no Linux security experience necessary Realistic examples & step-by-step activities: practice hands-on without costly equipment The perfect introduction to Linux-ba

Cybersecurity Essentials
✍ Charles J. Brooks; Philip R. Craig; Donald Short 📂 Library 📅 2018 🏛 Sybex 🌐 English

An accessible introduction to cybersecurity concepts and practices. Cybersecurity Essentials provides a comprehensive introduction to the field, with expert coverage of essential topics required for entry-level cybersecurity certifications. An effective defense consists of four distinct c