CÔNG TY TNHH TRAINOCATE VIỆT NAM
DO426 - Red Hat Security: Securing Containers and OpenShift with exam

DO426 - Red Hat Security: Securing Containers and OpenShift with exam

DO426 - Red Hat Security: Securing Containers and OpenShift with exam

Objectives

  • Impact on the organization

Containers and container orchestration platforms, such as OpenShift and Kubernetes, have become pervasive in enterprise computing. Container environments have introduced new attack vectors, exploits, and vulnerabilities. Enterprises require strong security, and the migration to containerized microservices has upended traditional network-based security models. Developers must prove that their code, images, and deployments are trusted and secure.
This offering is intended to develop and validate the skills needed to maintain a high level of security in the evolving world of containerized applications and OpenShift installations. OpenShift is an enterprise-grade, container-based application platform that provides the mature security of Red Hat Enterprise Linux and additional mechanisms of security assurance for service role access control, build process hardening, source image layered trust, and controlled deployment management. These security features may help your organization efficiently reduce risk of security breaches, which have a high cost in business disruption, brand erosion, loss of customer and shareholder trust, and financial costs for post-incident remediation. In addition, your organization may be able to use the tools in this offering to help demonstrate that compliance requirements set by customers, auditors, or other stakeholders have been met.
Red Hat has created this course in a way intended to benefit our customers, but each company and infrastructure is unique, and actual results or benefits may vary.

  • Impact on the individual

As a result of taking this course and exam, you should be able to use security technologies included in Red Hat OpenShift Container Platform and Red Hat Enterprise Linux to manage security risk and help meet compliance requirements. You should be able to demonstrate these skills:

  •  Use recommend practices to ensure that images for container deployment come from trusted sources, including the use of secure registries, signed images, secure access protocols, and authorized access controls.
  •  Explain and implement advanced SELinux techniques to restrict access by users, processes, and virtual machines.
  •  Configure security context constraints to control the actions that pods can perform and to declare what a pod has the ability to access.
  •  Implement the Linux computer security (seccomp) and Linux capabilities features to control the vulnerability footprint of a containerized application.
  •  Implement and configure single sign-on for web applications, including the use of JWT for token sharing.
  •  Explain and implement network isolation and encryption techniques to segregate application traffic to allow only authorized access.
  •  Implement and explain storage management techniques to segregate volume storage I/O to allow only authorized access.
  •  Observe and explain how the build process can be extended to include automated security testing and vulnerability scanning to ensure that no exploits are introduced into the final container images to be deployed.
  •  Manage container deployment policies and configuration to control application placement, resource capacity, container affinity, and application demand scaling.
  •  Manage OpenShift project access and quotas to ensure private and authorized self-service access, as well as to limit exposure to rogue tokens and denial-of-service attempt

Content

  • Describe host security technologies - Understand the core technologies that make Red Hat Enterprise Linux a robust and trusted container host.
  • Establish trusted container images - Describe the registries, services, and methods that comprise the Red Hat image ecosystem.
  • Implement security in the build process - Learn automated methods for integrating security checks into build and deployment pipelines.
  • Manage user access control - Apply methods for integrating and managing user authentication for operators and for web applications.
  • Control the deployment environment - Determine how a container platform secures the deployment process through policies and automation.
  • Manage secure platform orchestration - Study how a container platform secures the orchestration process through policies and infrastructure.
  • Provide secure network I/O - Discover the technologies and control features that enable multitenancy and project isolation.
  • Deliver secure storage I/O - Enable authorized, multitenant storage access through a firm understanding of related technologies and control features.

Audience

This course is designed for professionals responsible for designing, implementing, maintaining, and managing the security of containerized applications on Red Hat Enterprise Linux systems and in Red Hat OpenShift Container Platform installations, including these roles:

  •  System administrators
  •  IT security administrators
  •  IT security engineers
  •  DevOps engineers
  •  Cloud developers
  •  Cloud architects

Prerequisites

  •  Become a Red Hat Certified Engineer (RHCE®), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience
  •  Become a Red Hat Certified Specialist in OpenShift Administration, or demonstrate equivalent Red Hat OpenShift Container Platform knowledge and experience

Certification

This course not associated with certification

Schedule

Lịch khai giảng

Form đăng ký

Bằng cách nhấn nút "ĐĂNG KÝ", tôi hoàn toàn đồng ý với Chính sách quyền riêng tư

Các khóa đào tạo Red Hat khác

DO370 - Enterprise Kubernetes Storage with Red Hat OpenShift Data Foundation

Traditional storage options available to Kubernetes administrators are limited and lack flexibility and/or versatility. Red Hat OpenShift Data Foundation provides real advantages, even when it is backed by cloud storage such as AWS EBS and sophisticated on-prem legacy storage like SAN arrays. Many companies rely on third-party solutions to manage backup and disaster recovery in production. However, proper planning to implement these solutions requires knowledge of the Kubernetes CSI and OAPD APIs. This course walks the student through the recommended steps of configuring and managing storage services for container and Kubernetes services. Course content coverage Deploy Red Hat OpenShift Data Foundation in internal and external mode.  Provision non-shareable block storage to applications like databases.  Provision shareable block storage to applications like virtual machines.  Provision shareable file storage to such applications as CI/CD pipelines and AI/ML. Provision shareable object storage to applications, such as AI/ML and media streaming.  Provision storage for Red Hat OpenShift cluster services, such as monitoring and registry.  Monitor and expand storage capacity and performance. Attach and detach storage from an application for backup and archiving.  Create and access volume snapshots and clones.  Troubleshoot internal Ceph components of Red Hat OpenShift Data Foundation.  Perform backup and restore operations using the OADP API.
4.0 ngày

RH415 - Red Hat Security: Linux in Physical, Virtual and Cloud

Manage security of Red Hat Enterprise Linux systems deployed in bare-metal, virtual, and cloud environments. Red Hat Security: Linux in Physical, Virtual, and Cloud (RH415) is designed for security administrators and system administrators who need to manage the secure operation of servers running Red Hat® Enterprise Linux®, whether deployed on physical hardware, as virtual machines, or as cloud instances. This course is based on Red Hat Enterprise Linux 7.5, Red Hat Satellite 6.3, Red Hat Ansible® Engine 2.5, Red Hat Ansible Tower 3.2, and Red Hat Insights. Maintaining security of computing systems is a process of managing risk through the implementation of processes and standards backed by technologies and tools. In this course, you will learn about resources that can be used to help you implement and comply with your security requirements. Manage compliance with OpenSCAP. Enable SELinux on a server from a disabled state, perform basic analysis of the system policy, and mitigate risk with advanced SELinux techniques. Proactively identify and resolve issues with Red Hat Insights. Monitor activity and changes on a server with Linux Audit and AIDE. Protect data from compromise with USBGuard and storage encryption. Manage authentication controls with PAM. Manually apply provided Ansible Playbooks to automate mitigation of security and compliance issues. Scale OpenSCAP and Red Hat Insights management with Red Hat Satellite and Red Hat Ansible Tower.
4.0 ngày

Đăng ký tư vấn
cùng đội ngũ chuyên gia Trainocate!!

Bản quyền thuộc về Trainocate Việt Nam

back to top
icon đăng ký