Hi. if add exam security questions for understanding role-based access control (RBAC) mandatory access control (MAC) and discretionary access control (DAC).
2008/10/2 <[EMAIL PROTECTED]> > Send lpi-examdev mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of lpi-examdev digest..." > > > Today's Topics: > > 1. 303 Security exam objectives (G. Matthew Rice) > 2. Re: 303 Security exam objectives (Etienne Goyer) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: 01 Oct 2008 17:21:59 -0400 > From: "G. Matthew Rice" <[EMAIL PROTECTED]> > Subject: [lpi-examdev] 303 Security exam objectives > To: [email protected] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=us-ascii > > Hi everyone, > > I've (finally) put up the draft objectives for the LPIC-3 303 Security > exam. > > It is at: > > https://group.lpi.org/publicwiki/bin/view/Examdev/LPIC-303 > > It isn't big on details yet (I'll be adding some of those tomorrow) and > there > are certain things that I didn't add because I would like some feedback > from > everyone here first. > > So, any comments on the utility of adding some of these to the exam. > > > 1. host-base access control > > This means things like more tcp wrappers, pam and things like password > cracking. Do we need more than what is in lpic-2/3 exams already? > > > 2. bootloader security > > There must be more to it that 'put a password on it' :) > > > 3. encrypted filesystems > > I'm thinking that the time isn't right for this. Someone at the office > won't > stop pestering me about them, though, so... > > > 4. secure remote access > > Meaning, adding vnc, rdesktop, ??? to the exam. > > > And is there anything else that you think is really missing? > > Regards, > -- > g. matthew rice <[EMAIL PROTECTED]> starnix care, toronto, ontario, ca > phone: 647.722.5301 x242 gpg id: EF9AAD20 > http://www.starnix.com professional linux services & products > > > ------------------------------ > > Message: 2 > Date: Wed, 01 Oct 2008 17:28:08 -0400 > From: Etienne Goyer <[EMAIL PROTECTED]> > Subject: Re: [lpi-examdev] 303 Security exam objectives > To: "This is the lpi-examdev mailing list." <[email protected]> > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset="iso-8859-1" > > Disclaimer: I do not claim to a SME on security. > > > G. Matthew Rice wrote: > > 1. host-base access control > > > > This means things like more tcp wrappers, pam and things like password > > cracking. Do we need more than what is in lpic-2/3 exams already? > > To get into even more details? Sure. > > > > 2. bootloader security > > > > There must be more to it that 'put a password on it' :) > > Well, no. The bootloader have a fairly simply function (bootstrap the > OS). Password-protecting the bootloader is standard host hardening > practice, but that is pretty much where it stop. > > I would assume a LPIC-3 to understand the implication of not doing so, > such as privileged run level being passed as kernel argument, or having > kernel-based MAC mechanism turned off, etc. We may want to test on that > instead of "passwording the bootloader". > > > > 3. encrypted filesystems > > > > I'm thinking that the time isn't right for this. Someone at the office > won't > > stop pestering me about them, though, so... > > I would think that LUKS have stabilized enough to be an exam topic. > Just MHO, tough. > > > > 4. secure remote access > > > > Meaning, adding vnc, rdesktop, ??? to the exam. > > No. I really do not see the point. > > Cheers! > > > -- > Etienne Goyer 0x3106BCC2 > > "For Bruce Schneier, SHA-1 is merely a compression algorithm." > http://geekz.co.uk/schneierfacts/fact/164 > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 252 bytes > Desc: OpenPGP digital signature > Url : > http://list.lpi.org/cgi-bin/mailman/private/lpi-examdev/attachments/20081001/82d4e9c1/signature-0001.pgp > > ------------------------------ > > _______________________________________________ > lpi-examdev mailing list > [email protected] > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > > End of lpi-examdev Digest, Vol 20, Issue 1 > ****************************************** >
_______________________________________________ lpi-examdev mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
