Topic 320: Cryptography

320.1 OpenSSL (weight: 4)

Key Knowledge Areas

• certificate generation

• key generation

• SSL/TLS client and server tests

The following is a partial list of the used files, terms and utilities:

• openssl

• RSA, DH and DSA

• SSL

• X.509

• CSR

• CRL

320.2 Advanced GPG (weight: 4)

Key Knowledge Areas

• GPG encyption and signing

• private/public key management

• GPG key servers

• GPG configuration

The following is a partial list of the used files, terms and utilities:

• gpg

• gpgv

• gpg-agent

• ~/.gnupg/

320.3 Encrypted Filesystems (weight: 3)

Key Knowledge Areas

• LUKS

• dm-crypt and awareness of CBC, ESSIV, LRW and XTS modes

The following is a partial list of the used files, terms and utilities:

• dm-crypt

• cryptmount

• cryptsetup

Topic 321: Access Control

321.1 Host Based Access Control (weight: 2)

Key Knowledge Areas

• PAM and PAM configuration files

• password cracking

• nsswitch

The following is a partial list of the used files, terms and utilities:

• nsswitch.conf

• john

321.2 Extended Attributes and ACLs (weight: 5)

Key Knowledge Areas

• ACLs

• EAs and attribute classes

The following is a partial list of the used files, terms and utilities:

• getfacl

• setfacl

• getfattr

• setfattr

321.3 SELinux (weight: 6)

Key Knowledge Areas

• SELinux configuration and command line tools

• TE, RBAC, MAC and DAC concepts and use

The following is a partial list of the used files, terms and utilities:

• fixfiles/setfiles

• newrole

• setenforce/getenforce

• selinuxenabled

• semanage

• sestatus

• /etc/selinux/

• /etc/selinux.d/

321.4 Other Mandatory Access Control Systems (weight: 2)

Key Knowledge Areas

• SMACK

• AppArmor

The following is a partial list of the used files, terms and utilities:

• SMACK

• AppArmor

Topic 322: Application Security

322.1 BIND/DNS (weight: 2)

Key Knowledge Areas

• BIND v9

• BIND vulnerabilities

• chroot environments

The following is a partial list of the used files, terms and utilities:

• TSIG

• BIND ACLs

• named-checkconf

322.2 Mail Services (weight: 2)

Key Knowledge Areas

• Postfix security centric configuration

• securing Sendmail

• chroot environments

The following is a partial list of the used files, terms and utilities:

• /etc/postfix/

• TLS

322.3 Apache/HTTP/HTTPS (weight: 2)

Key Knowledge Areas

• Apache v1 and v2 security centric configuration

The following is a partial list of the used files, terms and utilities:

• SSL

• .htaccess

• Basic Authentication

• htpasswd

• AllowOverride

322.4 FTP (weight: 1)

Key Knowledge Areas

• Pure-FTPd configuration and important command line options

• vsftpd configuration

• chroot environments

The following is a partial list of the used files, terms and utilities:

• SSL/TLS

• vsftp.conf

322.5 OpenSSH (weight: 3)

Key Knowledge Areas

• OpenSSH configuration and command line tools

• OpenSSH key management and access control

• Awareness of SSH protocol v1 and v2 security issues

The following is a partial list of the used files, terms and utilities:

• /etc/ssh/

• ~/.ssh/

• ssh-keygen

• ssh-agent

• ssh-vulnkey

322.6 NFSv4 (weight: 1)

Key Knowledge Areas

• NFSv4 security improvements, issues and use

• NFSv4 pseudo file system

• NFSv4 security mechanisms (LIPKEY, SPKM, Kerberos)

The following is a partial list of the used files, terms and utilities:

• NFSv4 ACLs

• nfs4acl

• RPCSEC_GSS

• /etc/exports

322.7 Syslog (weight: 1)

Key Knowledge Areas

• syslog security issues

• chroot environments

The following is a partial list of the used files, terms and utilities:

• remote syslog servers

Topic 323: Operations Security

323.1 Host Configuration Management (weight: 2)

Key Knowledge Areas

• RCS

• Puppet

The following is a partial list of the used files, terms and utilities:

• RCS

• ci/co

• rcsdiff

• puppet

• puppetd

• puppetmasterd

• /etc/puppet/

Topic 324: Network Security

324.1 Intrusion Detection (weight: 4)

Key Knowledge Areas

• Snort configuration, rules and use

• Tripwire configuration, policies and use

The following is a partial list of the used files, terms and utilities:

• snort

• snort-stat

• /etc/snort/

• tripwire

• twadmin

• /etc/tripwire/

324.2 Network Security Scanning (weight: 5)

Key Knowledge Areas

• Nessus configuration, NASL and use

• Wireshark filters and use

The following is a partial list of the used files, terms and utilities:

• nmap

• wireshark

• tshark

• tcpdump

• nessus

• nessus-adduser/nessus-rmuser

• nessusd

• nessus-mkcert

• /etc/nessus

324.3 Network Monitoring (weight: 3)

Key Knowledge Areas

• Nagios configuration and use

• ntop

The following is a partial list of the used files, terms and utilities:

• ntop

• nagios

• nagiostats

• nagios.cfg and other configuration files

324.4 netfilter/iptables (weight: 5)

Key Knowledge Areas

• Iptables packet filtering and network address translation

The following is a partial list of the used files, terms and utilities:

• iptables

• iptables-save/iptables-restore

324.5 OpenVPN (weight: 3)

Key Knowledge Areas

• OpenVPN configuration and use

The following is a partial list of the used files, terms and utilities:

• /etc/openvpn/

• openvpn server and client