OpenVMS Academy System, Network and Internet Security

Course Code: VM240
Length: 5 days

Schedule and Registration

Mon, Dec 2, 2024 $3,500.00 Denver, CO
Mon, Dec 2, 2024 $3,500.00 E-Learning
Mon, May 12, 2025 $3,500.00 Denver, CO
Mon, May 12, 2025 $3,500.00 E-Learning

Course Description

This course teaches security theory and practice as it relates to the OpenVMS operating system, the network and the Internet to which it may be connected. The course incorporates our Lab+Lecture format.

Who Should Attend

System, Network and Security Administrators of OpenVMS systems who want to effectively manage a secure operating environment.

The instructor's expertise and experience enhanced the course. His ability to provide background information was excellent.

Prerequisites

Completion of OpenVMS Academy Utilities and Commands (VM100)
Completion of OpenVMS Academy System Administration (VM210)

Benefits of Attending this Class

Upon completion of this course, students will understand security and how it relates to their OpenVMS systems. They will be able to set up a secure environment that limits interference with production.

Instructor has a very logical approach to security; presented in a real world context and had excellent examples and asides.

Course Contents

Security Overview

Need for Security
Ignorance is Bliss - But it is Not Security
Vulnerabilities
Prevention vs. Detection
Security Policy
User Training
OpenVMS Builtin Security

Physical and Data Security

Console Terminal
Separation of Duties
Data and Device Security

OpenVMS Object Security

Information Security
Types of Access
UIC
Categories of Processes
Classes of Objects
UIC Based Security
Access Control List Protection
Privileges Affecting Object Security
System Parameters Affecting Object Security
Rules of Access
File and Volume Security
Security Templates
Device Security
Queue Security
Erasing of Data on Memory-Based Objects

Account Management

Accountability
Managing Accounts
Common System Accounts
UAF Flags
Expiring Accounts
UAF Files
Process Privileges
Captive and Restricted Accounts
Process Resources
General Account Guidelines
What to do When Someone Leaves
Reviewing System UAF

Login Security

Authentication, Authorization, Accounting and Auditing (AAAA)
Passwords
Programmed Control for Login Authentication
External Authentication
Automatic Login Facility
Limiting Access to Accounts
Break-in Detection
Modem Setup
Virtual Terminals
Password Grabber Programs
Process Environment

System Reliability

Process Priority
Process Quotas and Limits
Avoiding System Hangs

Network Security

Proxy Access
Network Hubs vs. Switches
Network Applications
Firewalls
Network Based Attacks
SNORT
Wireless Networking

Security Auditing and Reporting

Security Data
Components Involved in Security Auditing
Viewing Audit Server Settings
Preventing Changes to Security Auditing Settings
Security Audit Log File
Security Reporting
Security Server
Operator Communications
Accounting
Error Logs

Other Security Concerns

Logical Names
INSTALL Utility
System Startup
Applications and Procedures
Security Enhancements
Security Patches
Secure Delivery
System Files
Cluster Security
User Terminal Security
Workstation Security
COM for OpenVMS

Recovering from an Intrusion

Scope of the Intrusion
Restore System, Layered Products and Data
Deter Further Attempts
Plan Ahead

PARSEC Group CD

A CD is provided with this class that includes procedures and applications implementing many of the topics covered in this class.