Learn to mitigate and manage threats to OpenShift container-based infrastructure.
Red Hat Security: Securing Containers and OpenShift with exam (DO426) helps infrastructure administrators and security professionals learn and validate how to identity and mitigate threats to OpenShift container-based infrastructure.
The curriculum also covers how to implement and manage secure architecture, policies, and procedures for modern containerized applications and software-defined networking.
You will learn and validate your skills in using secure and trusted container images, registries, and source code; managing network and storage isolation; implementing application single sign-on; and configuring appropriate security constraints and service role–based access control. You will also find out how existing core Linux technologies—such as namespaces, cgroups, seccomp, capabilities, and SELinux—provide a robust and mature host environment with strongly secure containers.
Describe host security technologies.
Establish trusted container images.
Implement security in the build process.
Manage user access control.
Control the deployment environment.
Manage secure platform orchestration.
Provide secure network I/O.
Deliver secure storage I/O.
Containers and container orchestration platforms, such as OpenShift and Kubernetes, have become pervasive in enterprise computing.
Container environments have introduced new attack vectors, exploits, and vulnerabilities.
Enterprises require strong security, and the migration to containerized microservices has upended traditional network-based security models.
Developers must prove that their code, images, and deployments are trusted and secure.
This offering is intended to develop and validate the skills needed to maintain a high level of security in the evolving world of containerized applications and OpenShift installations.
OpenShift is an enterprise-grade, container-based application platform that provides the mature security of Red Hat Enterprise Linux and additional mechanisms of security assurance for service role access control, build process hardening, source image layered trust, and controlled deployment management.
These security features may help your organization efficiently reduce risk of security breaches, which have a high cost in business disruption, brand erosion, loss of customer and shareholder trust, and financial costs for post-incident remediation. In addition, your organization may be able to use the tools in this offering to help demonstrate that compliance requirements set by customers, auditors, or other stakeholders have been met.
This course is designed for professionals responsible for designing, implementing, maintaining, and managing the security of containerized applications on Red Hat Enterprise Linux systems and in Red Hat OpenShift Container Platform installations.
Including these roles: System administrators, IT security administrators ,IT security engineers ,DevOps engineers ,Cloud developers ,Cloud architects
Become a Red Hat Certified Engineer (RHCE®), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience.
Become a Red Hat Certified Specialist in OpenShift Administration, or demonstrate equivalent Red Hat OpenShift Container Platform knowledge and experience.
As a result of taking this course and exam, you should be able to use security technologies included in Red Hat OpenShift Container Platform and Red Hat Enterprise Linux to manage security risk and help meet compliance requirements.
You should be able to demonstrate these skills: Use recommend practices to ensure that images for container deployment come from trusted sources, including the use of secure registries, signed images, secure access protocols, and authorized access controls.
You should be able to demonstrate these skills: Explain and implement advanced SELinux techniques to restrict access by users, processes, and virtual machines.
You should be able to demonstrate these skills: Configure security context constraints to control the actions that pods can perform and to declare what a pod has the ability to access.
You should be able to demonstrate these skills: Implement the Linux computer security (seccomp) and Linux capabilities features to control the vulnerability footprint of a containerized application.
You should be able to demonstrate these skills: Implement and configure single sign-on for web applications, including the use of JWT for token sharing.
You should be able to demonstrate these skills: Explain and implement network isolation and encryption techniques to segregate application traffic to allow only authorized access.
You should be able to demonstrate these skills: Implement and explain storage management techniques to segregate volume storage I/O to allow only authorized access.
You should be able to demonstrate these skills: Observe and explain how the build process can be extended to include automated security testing and vulnerability scanning to ensure that no exploits are introduced into the final container images to be deployed.
You should be able to demonstrate these skills: Manage container deployment policies and configuration to control application placement, resource capacity, container affinity, and application demand scaling.
You should be able to demonstrate these skills: Manage OpenShift project access and quotas to ensure private and authorized self-service access, as well as to limit exposure to rogue tokens and denial-of-service attempts.
This course is available at :
Subscribe To Our Education Newsletter
Keep up to date to our new offers and receive e-mails about the latest courses and certificates