Disclaimer: I do not claim to a SME on security.
G. Matthew Rice wrote: > 1. host-base access control > > This means things like more tcp wrappers, pam and things like password > cracking. Do we need more than what is in lpic-2/3 exams already? To get into even more details? Sure. > 2. bootloader security > > There must be more to it that 'put a password on it' :) Well, no. The bootloader have a fairly simply function (bootstrap the OS). Password-protecting the bootloader is standard host hardening practice, but that is pretty much where it stop. I would assume a LPIC-3 to understand the implication of not doing so, such as privileged run level being passed as kernel argument, or having kernel-based MAC mechanism turned off, etc. We may want to test on that instead of "passwording the bootloader". > 3. encrypted filesystems > > I'm thinking that the time isn't right for this. Someone at the office won't > stop pestering me about them, though, so... I would think that LUKS have stabilized enough to be an exam topic. Just MHO, tough. > 4. secure remote access > > Meaning, adding vnc, rdesktop, ??? to the exam. No. I really do not see the point. Cheers! -- Etienne Goyer 0x3106BCC2 "For Bruce Schneier, SHA-1 is merely a compression algorithm." http://geekz.co.uk/schneierfacts/fact/164
signature.asc
Description: OpenPGP digital signature
_______________________________________________ lpi-examdev mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
