Linux Foundation Offering New Online Security Course

IT security threats seem to be everywhere, but skilled IT security professionals do not seem to be nearly as pervasive. It’s a conundrum that the Linux Foundation wants to help alleviate with the introduction of a new online Linux skills training program.

The online course, called Linux Security Fundamentals (LFS216), is an attempt to help individuals evaluate their own organizations’ security readiness. The course is not intended as an introduction for those who are new to Linux, but rather is targeted at those already running Linux systems.

Not ‘entry-level’

“Of course, security is not an entry-level topic; it’s more important for folks who’ve already started their career,” Clyde Seepersad, general manager, training and certification at the Linux Foundation, toldeWEEK. “The prerequisite for this course really is that the person is actually in a job where this matters.”

The LFS216 course covers threats and risk assessment, auditing and detection, application security, kernel vulnerabilities, local system security, network security, denial-of-service attacks as well as firewalling and packet filtering.

This is not the first time the Linux Foundation has offered security training. The Linux Foundation also has a course designated LFS416 that is about Linux security. Seepersad explained that the content is essentially the same with both LFS216 and LFS416, with the difference being the course format. LFS216 is a self-paced, online course that an individual can take in their own time from anywhere. In contrast, LFS416 is a four-day instructor-led course that an individual has to attend in person or watch via webcam at specific times.

“The logistical and personnel costs of the instructor-led course [$2,500] put it at a much higher price point,” compared with $199 for the online class, Seepersad said. “We have heard anecdotally from many sysadmins that they don’t want to point out to their employer that they need to learn more about security, so the lower price point makes this feasible [for them to pay the $199 out of pocket] without corporate training dollars.”

On completion of LFS216, students receive verification that they finished the course and a certificate of completion. Seepersad noted that while the Linux Foundation does not offer a security-specific certification, this course can help with some questions on the Linux Foundation Certified Sysadmin and Engineer exams.

The Linux Foundation is using the 360Training platform to deliver the LFS216 course. The Linux Foundation also works with other online training platforms including edX, where it has a very popular Introduction to Linux Massive Open Online Course (MOOC) that was first offered in March 2014.

While understanding Linux operating system security is a broad topic, the application security piece is complex. “Application security is a huge landscape, and the applications themselves have intricate permission and user policies,” Lee Elston, the course instructor for LFS216 told eWEEK. “It would be unjust to try and cover them in a single class.”

The LFS216 does include application security as a topic in a way that can help students get a grasp of the key issues.

“In LFS216, we look at the systemic changes and vulnerabilities that can affect the security of the system and the applications,” Elston said.

In the course, tools such as tcpdump and wireshark are used to see the packets (both clear and encrypted) coming and going to systems, he said. As for the status of the systems and applications, tools such as OSSEC are used to audit the environment for changes. Elston said that there is an opportunity for students to compile and test a kernel vulnerability (an old one) to see how kernel modules might be the source of an intrusion.

“We demonstrate many conditions the systems may face with a heavy emphasis on lab exercises for maximum exposure to the tools,” Elston said. “The primary technique for this class is experience, getting your fingers into system and testing, seeing and fixing conditions that exist in the real world.”

Take our cybersecurity 2016 quiz here!

Originally published on eWeek.

Sean Michael Kerner

Sean Michael Kerner is a senior editor at eWeek and contributor to TechWeek

Recent Posts

AT&T Admits Data Breach Impacted “Nearly All” Customers

American telecommunications giant AT&T admits that “nearly all” customer accounts were compromised in 2022 breach

12 hours ago

Elon Musk’s X Breached DSA Rules, EU Finds

X's Blue checks 'used to mean trustworthy sources of information. Now our preliminary view is…

16 hours ago

Japan’s SoftBank Acquires AI Chip Start-up Graphcore

SoftBank Group has purchased another British chip firm, with the acquisition of Bristol-based Graphcore Ltd…

17 hours ago

Samsung AI-Upgraded Bixby Voice Assistant Coming This Year

Samsung reportedly confirms it will launch the upgraded voice assistant Bixby this year, that will…

1 day ago

Next Neuralink Brain Implant Coming Soon, Says Musk

Despite an issue with first Neuralink implant in a patient, Elon Musk says second brain…

1 day ago

EU Accepts Apple’s Legal Commitments To Open NFC Access

Legal commitment over Apple's NFC-based mobile payments system, which is to be opened to rival…

2 days ago