Oracle Solaris Security provides enterprise-class features to help you protect your applications and your data. Security Administrators can minimize and harden Oracle Solaris to implement a secure foundation for deploying services. The Configuring Security on the Solaris 10 Operating System course provides students with the knowledge and skills to implement these features and customize security on Oracle Solaris 10 systems.

Basic Security Principles

• Evaluate Security Principles
• Need for a Security Policy
• Configuring Systems Securely
• Performing Security Audit
• Need for Patching

Oracle Solaris 10 Security Features

• Secure by Default
• Process Rights Management
• User Rights Management
• Solaris Cryptographic Framework
• Basic Audit Reporting Tool
• Oracle Solaris Service Management Facility
• Solaris IP Filter
• Solaris Secure Shell

Minimal and Reduced Installation

• Minimal Installation: A Type of Reduced Installation
• Software Installation Clusters
• Providing a Consistent, Known Configuration for Installations

Hardening a System

• Performing Hardening
• Implementing the Solaris Security Toolkit (SST)

Implementing Process Rights Management

• Process Rights Management
• Process Privileges
• Determining Process Rights Requirements
• Debugging Privileges
• Assigning Privileges to an Executable
• Assigning Privileges to a User

Implementing User Rights and Password Management

• User Access Controls
• RBAC Overview
• The RBAC Databases
• Using RBAC to Manage User Rights
• Using the Rights That You Are Assigned
• Managing Passwords

Using the Solaris Cryptographic Framework

• The Solaris Cryptographic Framework
• Solaris Cryptographic Framework User-Level Commands
• Solaris Cryptographic Framework Administration Tools
• Framework Management
• Solaris Cryptographic Framework with a Web Server
• Solaris Cryptographic Framework with a Java-Based Application
• Solaris Cryptographic Framework with Cryptographic Accelerators

Monitoring File Integrity

• Verifying File Integrity
• Using BART
• Signed ELF Objects

Using the Oracle Solaris Service Management Facility

• Oracle Solaris Service Management Facility
• Least Privilege and SMF
• Authorizations and Rights
• Service-Specific Property Groups
• Limiting Service Privileges
• Determining a Current Service’s Privileges
• Configuring a Service to Use Reduced Privileges

Securing Networks

• Network Security
• Network Access Control
• TCP Wrappers
• Using Authentication with Encryption
• Using Solaris SSH
• Using Kerberos Authentication
• Securing Remotely Accessed File Systems with the NFS Service

Implementing IPsec and IKE

• Introduction to IPsec
• Creating a simple IPsec security policy
• Key Management for IPsec
• Configuring Keys for IPsec
• Configuring IPsec Policy with Keying Material
• Troubleshooting IPsec Configurations

Oracle Solaris Auditing

• Oracle Solaris Auditing
• Configuring Oracle Solaris Auditing
• Configuring Audit Policy
• Preselecting Audit Events and Classes
• Specifying Audit File Systems
• Alerting the Audit Administrator
• Excepting Users From System-Wide Audit Selections
• Enabling and Disabling Auditing

Security and Oracle Solaris Zones

• Security Characteristics of Oracle Solaris Zones
• Zone Integration with Oracle Solaris 10 Security Features
• The Global Zone
• When and How to Use Oracle Solaris Zones
• Resource Management in Oracle Solaris Zones
• Auditing in Oracle Solaris Zones
• Oracle Solaris Zones and Network Security
• Patching Oracle Solaris Zones

How Security Components Work Together

• Security Components Integration
• Security Technologies Interaction
• Infrastructure Requirements
•