<< Back to Red Hat Certificates of Expertise
EX333 Enterprise Security: Network Services Expertise
Required for the Red Hat Certified Architect (RHCA) and the Red Hat Certified Security Specialist (RHCSS) certification tracks or can be taken independently as a stand-alone credential in its own right.
The Enterprise Security: Network Services Expertise Exam is only available to current RHCE’s and is organized into two sections:
- Centralized Authentication Security: 3.0 hours
- Network Service Security: 3.0 hours
In order to earn the Enterprise Security: Network Services Certificate of Expertise, one must earn a score of 70 or higher on each section.
Candidates who earn this certification should be able to carry out the following objectives (be sure to check Red Hat's official website for the latest EX333 exam objectives):
Centralized Authentication Security
- configure an NIS server to provide directory services
- configure Kerberos to provide user authentication
- configure NFSv4 server
- configure a network client to use NIS for directory information
- configure a network client to use Kerberos for authentication
- configure a network client to mount an NFSv4 export
- configure r-clients (rlogin, rcp, etc.) and telnet to use Kerberos
Network Services Security
- Use xinetd and TCP wrappers to restrict access to network services
- Configure Postfix and Sendmail to:
- filter mail based on message characteristics
- use TLS for secure communication
- use the Real-time Blackhole List (RBL) via DNS
- Configure POP/IMAP to use SSL/TLS for secure communication
- Configure the following aspects of DNS:
- master domain
- slave domain
- views
- forwarders
- blackhole lists (RBL)
- TSIG
- Use GPG tools to:
- generate key pairs
- sign documents
- encrypt documents
- decrypt documents
- verify document signatures
- configure a certificate authority (CA) and sign certificate requests
- configure httpd to use a SSL certificate signed by a certifying authority
- configure httpd to use passwords and/or network location to restrict access to content
- configure FTP security to:
- support FTP only users
- implement host based access restrictions
As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.
