Softpanorama
(slightly skeptical) Open Source Software Educational Society
May the source be with you, but remember the KISS principle ;-)
Solaris Security Certification
The Sun Certified Security Administrator (SCSA) for the Solaris 9 or Solaris 10
exam realistically is for administrators with more than three years of experience
administering security in either version of Solaris. The exam for Solaris 10
includes questions related to zones and as such is more difficult.
The Sun Certified Security Administrator for the Solaris 9 Operating System
exam realistically is for administrators with more than three years of experience
administering security in a Solaris Operating System (Solaris OS).
There are no prerequisites. It requires neither Solaris administration
certification nor network certification.
It is recommended that candidates:
- Attend the course: SC-300: Administering Security on the Solaris OS,
- Have six to twelve months security administration job-role experience,
- Have previous Solaris OS and network administration certification.
The examination will include multiple choice scenario-based
questions, matching, drag-drop, and free-response question types and will
require in-depth knowledge on security topics including:
- general security concepts
- detection and device management
- security attacks
- file and system resources protection
- host and network prevention
- network connection access
- authentication
- encryption
- Delivered at: Authorized Prometric Testing Centers
- Prerequisites: Six to twelve months administering security in a Solaris OS
- Other exams/assignments required for this certification: None
- Exam type: Multiple choice, drag-drop, matching
- Number of questions: 60
- Pass score: 60%
- Time limit: 90 minutes
The main topics include:
- Solaris BSM auditing
- Solaris device management
- Solaris Fingerprint Database
- Given a security scenario:
- a) manage the security of user accounts by setting account expiration,
and restricting root logins,
- b) manage dormant accounts through protection and deletion,
- c) check user security by configuring the /etc/default/su file, or
classifying and restricting non-login accounts and shells.
- Pluggable Authentication Module (PAM)
- Kerberos
- role-based access control (RBAC)
- Access Control Lists (ACLs)
- firewall
Exams purchased on the Sun web site may only be used in the US.
Once exam vouchers are purchased you have up to one year from the
date of purchase to use them. Each voucher is valid for one exam and may only be
used at an Authorized Prometric Testing Center. Exam vouchers are nonrefundable.
Section 1: General Security Concepts
- Explain fundamental concepts concerning information security and
explain what good security architectures include (people, process,
technology, defense in depth).
- Identify the security life cycle (prevent, detect, react, and
deter) and describe security awareness, security policies and
procedures, physical security, platform security, network security,
application security, and security operations and management.
- Describe concepts of unsecure systems, user trust, threat, and
risk.
- Explain attackers, motives, and methods.
- Describe accountability, authentication, authorizations,
privacy, confidentiality, integrity, and non-repudiation.
- Describe the benefit of evaluation standards and explain actions
that can invalidate certification.
- Describe how the attackers gain information about the targets
and describe methods to reduce disclosure of revealing information.
Section 2: Detection and Device Management
- Given a scenario, identify and monitor successful and
unsuccessful logins and system log messages, and explain how to
configure centralized logging and customize the system logging
facility to use multiple log files.
- Describe the benefits and potential limitations of process
accounting.
- Configure Solaris BSM auditing, including setting audit control
flags and customizing audit events.
- Given a security scenario, generate an audit trail and analyze
the audit data using the auditreduce, praudit, and audit commands.
- Explain the device management components including the
device_maps and device_allocate files, device-clean scripts, and
authorizations using the auth_attr database, and describe how to
configure these device management components.
Section 3: Security Attacks
- Differentiate between the different types of host-based Denial
of Service (DoS) attacks, establish courses of action to prevent DoS
attacks, and understand how DoS attacks are executed.
- Demonstrate privilege escalation by identifying Trojan horses
and buffer overflow attacks, and explain backdoors, rootkits, and
loadable kernel modules, and understand the limitations of these
techniques.
- Given a security scenario, detect Trojan horse and back door
attacks using the find command, checklists, file digests, checksums,
the Solaris Fingerprint Database, and explain trust with respect to
the kernel and the OpenBoot PROM and understand the limitations of
these techniques.
Section 4: File and System Resources Protection
- Given a security scenario:
- manage the security of user
accounts by setting account expiration, and restricting root logins,
- manage dormant accounts through protection and deletion,
- check user security by configuring the /etc/default/su file, or
classifying and restricting non-login accounts and shells.
- Describe the implementation of defensive password policies and
understand the limitations of password authentication.
- Describe the function of a Pluggable Authentication Module
(PAM), including the deployment of PAM in a production environment,
and explain the features and limitations of Sun Kerberos.
- Describe the benefits and capabilities of role-based access
control (RBAC), and explain how to configure profiles and executions
including creating, assigning, and testing RBAC roles.
- Given a scenario, use Access Control Lists including setting
file system permissions, implications of using lax permissions,
manipulating the Set-User-ID and Set-Group-ID, and setting secure
files using Access Control Lists.
Section 5: Host and Network Prevention
- Explain fundamental concepts concerning network security
including firewall, IPsec, network intrusion and detection, describe
how to harden network services by restricting run control services,
inetd services, and RPC services, and understand host hardening
techniques described in Sun security blueprints.
- Given a security scenario, describe steps to harden a system,
install and configure Solaris Security Toolkit (SST), and describe
how to create, run, and verify an SST configuration.
Section 6: Network Connection Access, Authentication, and Encryption
- Explain how to configure, install, and validate TCP wrappers.
- Explain cryptology concepts including secret-key and public-key
cryptography, hash functions, encryption, and server and client
authentication.
- Given a security scenario, configure Solaris Secure Shell.
The Sun Certified Security Administrator for the Solaris 10 Operating
System exam is for test candidates with extensive job-role experience
administering security in a Solaris Operating System (Solaris 10 or
OpenSolaris) environment.
Sun Certification recommends that candidates attend the course:
SC-301-S10: Personalizing Security on the Solaris 10 Operating System,
and previous Solaris OS system and network administration certification
is strongly recommended.
This exam presumes the test candidate has an in-depth knowledge of UNIX
and Solaris OS features.
The exam includes multiple-choice, scenario-based questions and
drag-and-drop questions and requires extensive knowledge of Solaris OS
security administration topics including:
- general security principles and features,
- hardening and minimization,
- principles of least privilege,
- cryptographic features,
- Kerberos,
- user account and password security,
- network security,
- auditing and zone security.
Exams purchased on this Web site may only be used in the US. If you
reside outside the US, please select a country to inquire about
products delivered in your country. Once exam vouchers are purchased
you have up to one year from the date of purchase to use them. Each
voucher is valid for one exam and may only be used at an Authorized
Prometric Testing Center in the country for which it was purchased.
Please be aware that exam vouchers are nonrefundable for any reason.
Details
- Delivered at: Authorized Prometric Testing Centers
- Prerequisites: Six to twelve months administering security in a
Solaris OS
- Exam type: Multiple choice, drag-drop, matching
- Number of questions: 59
- Pass score: 52%
- Time limit: 105 minutes
Section 1: General Security Principles and Features
# 1. Describe basic security principles including the need for a
security policy, process, education and the need to audit, patch and
securely configure systems.
# 2. Describe the purpose, features, and functions of the Solaris 10
security features as they relate to:
- Device Policy
- Kerberos enabled applications, LDAP and Interoperability
enhancements
- Process Rights Management
- Solaris Containers
- User Rights Management
# 3. Describe the purpose, features, and functions of the Solaris 10
security features as they relate to:
- Password Strength, Syntax Checking, History and Aging
Improvements
- Basic Audit and Report Tool for File Integrity
- IPfilter Stateful Packet Filtering Firewall
- Solaris Secure Shell
- IPsec/IKE Performance Enhancements
# 4. Describe the purpose, features, and functions of the Solaris 10
security features as they relate to:
- Solaris Auditing
- Trusted Extensions
- PAM Improvements
- Encryption and Message Digest Functions Built into the Solaris
OS
Section 2: Installing Systems Securely
# 5. Describe minimization including minimal installation, software
installation clusters, loose versus strict minimization, and providing
consistent, known configuration for installations.
# 6. Manage patches including describing the Update Manager,
describing signed patches, verifying signatures, and specifying a Web
Proxy.
# 7. Perform hardening including implementing the Solaris Security
Toolkit (SST).
Section 3: Principles of Least Privilege
# 8. Implement Process Rights Management including describing PRM,
process privileges, determining rights required by process, profiling
privileges used by processes, and assigning minimum rights to a process.
# 9. Implement User Rights Management including using Access Control,
using RBAC, and implementing password strength, syntax checking, and
history and aging improvements.
Section 4: Cryptographic Features
# 10. Utilize the Solaris Cryptographic Framework including describing
the Solaris Cryptographic Framework, using the basic administration
tools for Solaris, using the SCF User-Level Commands, describing
Framework Management, and using Solaris Cryptographic Framework with a
Web server, with a Java-based application and with a Sun Crypto
Accelerator.
# 11. Manage file system security, including using signed ELF
objects, implementing BART for file integrity, and using the Solaris
Fingerprint Database.
Section 5: Application and Network Security
# 12. Use the Service Management Facility (SMF) including describing
using the SMF, describing the concept of Least Privilege and SMF,
describing Authorizations, describing Limit Service Privileges,
determining a current service's privileges and configuring a service to
reduce privileges.
# 13. Secure networks including using Access Control, using TCP
Wrappers, implementing the IPfilter Stateful Packet Filtering Firewall,
describing Kerberos, implementing Solaris Secure Shell (SSH), and
describing NFSv4.
# 14. Implement IPsec including describing IPsec, configuring IPsec,
configuring IKE, and troubleshooting IPsec configurations.
# 15. Describe, implement, configure and troubleshoot Kerberos
configurations, including Kerberos clients, KDCs, and Kerberized
services such as Secure Shell and NFSv4.
Section 6: Auditing and Zone Security
# 16. Perform auditing and logging including describing Solaris Audit,
configuring audit policy, implementing Solaris audit, configuring for
Zones, reviewing audit logs, learning from audit trails, and using
tamper proof logging.
# 17. Implement security in Solaris Zones including describing
security characteristics, identifying differences from previous
subjects, describing the Global Zones, identifying when and how to use
Zones, describing resource management, identifying Zones and network
security, and patching Zones.
# 18. Describe how Security Components work together, how
technologies interact, and identify infrastructure requirements.
# 19. Manage resources including describing resource controls and
resource exhaustion attack prevention.
[Jan 7, 2007]
Solaris 10 Operating System Certification Learning Path is now available
To succeed fully in this exam, candidates can take advantage of the
following course(s):
Administering Security on the Solaris Operating System (SC-300)
Last modified: February 28, 2008