Course Catalog  > DevOps and CI/CD  > Red Hat  > Red Hat DevOps
DO426

Red Hat Security: Securing Containers and OpenShift with Exam Training

This Red Hat Security course teaches attendees how to use secure and trusted container images, registries, and source code. Students learn how to manage network and storage isolation, implement application single sign-on, and configure appropriate security constraints and service role–based access control. Participants also learn how existing core Linux technologies( such as namespaces, cgroups, seccomp, capabilities, and SELinux) provide a robust and mature host environment with strongly secure containers.

Request Information
Request On-Site or Customized Course Info
Course Details

Duration

5 days

Prerequisites

  • Become a Red Hat Certified Engineer (RHCE®), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience
  • Become a Red Hat Certified Specialist in OpenShift Administration, or demonstrate equivalent Red Hat OpenShift Container Platform knowledge and experience

Target Audience

Professionals responsible for designing, implementing, maintaining, and managing the security of containerized applications on Red Hat Enterprise Linux systems and in Red Hat OpenShift Container Platform installations, including these roles:

  • System Administrators
  • IT security Administrators
  • IT security Engineers
  • DevOps Engineers
  • Cloud Developers
  • Cloud Architects

Skills Gained

  • Use recommend practices to ensure that images for container deployment come from trusted sources, including the use of secure registries, signed images, secure access protocols, and authorized access controls.
  • Explain and implement advanced SELinux techniques to restrict access by users, processes, and virtual machines.
  • Configure security context constraints to control the actions that pods can perform and to declare what a pod has the ability to access.
  • Implement the Linux computer security (seccomp) and Linux capabilities features to control the vulnerability footprint of a containerized application.
  • Implement and configure single sign-on for web applications, including the use of JWT for token sharing.
  • Explain and implement network isolation and encryption techniques to segregate application traffic to allow only authorized access.
  • Implement and explain storage management techniques to segregate volume storage I/O to allow only authorized access.
  • Observe and explain how the build process can be extended to include automated security testing and vulnerability scanning to ensure that no exploits are introduced into the final container images to be deployed.
  • Manage container deployment policies and configuration to control application placement, resource capacity, container affinity, and application demand scaling.
  • Manage OpenShift project access and quotas to ensure private and authorized self-service access, as well as to limit exposure to rogue tokens and denial-of-service attempts.
Course Outline
  • Describe host security technologies
  • Establish trusted container images
  • Implement security in the build process
  • Manage user access control
  • Control the deployment environment
  • Manage secure platform orchestration
  • Provide secure network I/O
  • Deliver secure storage I/O