This article introduces you to LPIC-3’s Security specialization.
The big LPIC-3 reshuffle
There are currently three LPIC-3 paths:
◉ LPIC-3 Virtualization and High Availability
The latter will soon be replaced by two distinct certifications:
◉ LPIC-3 Virtualization and Containerization
◉ LPIC-3 High Availability Systems and Storage
In short, choices for specialization provided by LPI certifications are getting more varied. This is progress that reflects an enormous amount of work at LPI on developing its training programs.
The road to security
After I obtained the LPIC-3 Virtualization and High Availability certification, confirming my skills in those topics, I started studying for the LPIC-3 Security Exam. Working in a Security Operations Center, I considered this certification a reasonable step due to the extensive coverage of the certification topics.
But it is not always easy to understand how to start the preparation for such a complex exam. Let's navigate through it together.
The first thing to do is to check the exam Objectives. You will find the following macro-topics:
◉ Encryption
◉ Host security
◉ Access control
◉ Network Security
Each of these topics contains an increasingly detailed list of the covered Objectives.
Those who already work in the field of cyber security, or at least in the ICT security context, have already addressed some of these topics, but now need to acquire a Linux-based point of view on them. At this point, your modus operandi should follow two straightforward steps:
◉ Search for a bibliography of up-to-date information
◉ Implement a virtual laboratory
Among some great books that help cover most of the exam topics, I would like to mention the following:
◉ Practical Linux Security Cookbook - Second Edition
◉ Mastering Linux Security and Hardening - Second Edition
◉ SELinux System Administration - Third Edition
Well, yes, I know: I have brought to your attention a book that is all (!!!) about SELinux. In addition to being an essential part of the exam and therefore of the security area, SELinux is one of the main obstacles that could complicate work for those who do not face the topic with the right attitude and knowledge.
The other books cover the topics you need to know to pass the exam and help you approach system administration in general from a much more security-oriented perspective.
Once you have grabbed those manuals, you can build a virtual laboratory that can help you test and deepen your knowledge of all the topics to be addressed, step by step. You just need a PC and a few virtual machines.
Given the exam’s structure, it’s a good idea to create at least two virtual instances: for example, one with CentOS and the other one with Ubuntu or Debian.
Among the various topics, I believe that the following should be treated with particular attention:
◉ User management and authentication
◉ Certificates, PKI, and the related protocols (SSL, TLS)
◉ Encrypting DNS
◉ Packet filtering
Having the LPIC-2 certification puts you in the perfect position to scale up to the next level. Ideally, at least three years of working experience in IT security will help you navigate the broad complexity of the exam.
Well: brace yourself, have fun!!!
Source: lpi.org