🌐 🇵🇱 Polski · 🇬🇧 EN
EX333 is a Red Hat exam aimed at certified engineers who already hold the RHCE certification. The exam tests skills related to securing systems in terms of host-based, user-based, and cryptographic security techniques, along with network service access control skills. The exam consists of practical tasks to be solved, similar to typical administrative tasks encountered in daily work. The scope of the material covers knowledge that allows for understanding, preventing, detecting, and properly responding to sophisticated threats and attacks directed at corporate systems operating in a Red Hat environment. This knowledge equips Red Hat administrators with the information necessary to implement and apply the appropriate tools to ensure an adequate level of security.
EX333 exam components
The exam is divided into two sections:
- Centralized authentication security: 3 hours
- Network services security: 3 hours
To successfully pass the exam, you must achieve a score of above 70 points in each section.
Required knowledge scope.
- Authentication security
- Configuring a NIS server to provide directory services
- Configuring Kerberos for user authentication
- Configuring an NFSv4 server
- Configuring a NIS network client for directory services
- Configuring network clients for authentication using Kerberos
- Configuring network clients to mount NFSv4 server resources
- Configuring r-client (rlogin, rcp, etc.) and telnet to use Kerberos
- Network services security
- Using xinetd and TCP wrappers for network service access control
- Configuring Postfix and Sendmail mail services to:
- Filter messages based on their characteristics
- Use TLS for secure communication
- Use real-time blacklists via DNS
- Configuring POP/IMAP using SSL/TLS for secure communication
- Configuring the following DNS aspects:
- Master domain
- Slave domain
- Views
- Forwarders
- Blacklists (RBL)
- TSIG
- Using GPG tools to:
- Generate a key pair
- Sign documents
- Encrypt documents
- Decrypt documents
- Verify document signatures
- Configure a Certificate Authority (CA) and handle certificate requests
- Configuring httpd using SSL and a certificate signed by a certificate authority
- Configuring httpd using password authentication and access from a specific network location
- Configuring an FTP server:
- Using the FTP server exclusively for users
- Implementing host-level security
All implemented settings and configurations must persist after a system reboot.
Material prepared based on information from the RedHat website:

Comments