SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC406: Linux Security for InfoSec Professionals
SEC406Cyber Defense
- 5 Days (Instructor-Led)
- 30 Hours (Self-Paced)
Course created by:
Charles Goldner & Mark Baggett
Course created by:Charles Goldner & Mark Baggett
- 30 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- Essential Skill Level
Course material is for individuals with an understanding of IT or cyber security concepts
- 30 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Gain fundamental knowledge and proficiency in Linux. With Linux security training, you’ll learn skills to secure Linux systems and implement the needed measures to protect them.
Featured Quote
Even though I have been using Linux for a while, I learned a lot of things I didn't know or understand, and now it makes sense.
Course Overview
Many security professionals are more familiar with Windows than Linux, yet Linux is essential for cybersecurity roles. This Linux cybersecurity course provides hands-on training to build Linux skills for system security, threat detection, and risk mitigation. You’ll learn how misconfigurations create vulnerabilities, how attackers exploit them, and how to defend against threats. In the process, you’ll become an asset to any security team.
What You’ll Learn
- Master Linux command-line navigation
- Apply system hardening best practices
- Manage user access and authentication
- Audit logs and detect security threats
- Monitor processes and optimize performance
- Implement Linux incident response
- Secure remote access and manage software with packages
Business Takeaways
- Harden Linux to reduce security risks
- Detect and respond to threats faster
- Ensure compliance with security controls
- Optimize processes, logs, and resources
- Secure remote access and network trafficProtect data with encryption and firewalls
- Build in-house Linux security expertise
Meet Your Authors
- Slide 1 of 2
Charles Goldner
Certified InstructorCharles “Charlie” Goldner is a Senior Technical Engineer at Counter Hack. With over two decades of experience working for SANS, the U.S. Army, and the Nevada National Guard, he brings a wealth of public and private sector expertise to the classroom.
Read more about Charles Goldner - Slide 2 of 2
Mark Baggett
FellowMark Baggett has revolutionized cybersecurity through his leadership at SANS. His development of tools like Freq Server has strengthened threat detection, while his work in automation has empowered professionals to defend against evolving threats.
Read more about Mark Baggett
Slide 1 of 0
(1/0)
Course Syllabus
Explore the course syllabus below to view the full range of topics covered in SEC406: Linux Security for InfoSec Professionals.
Section 1Linux Command Line
Section one covers the Linux operating system, kernel, and terminal basics. You will learn to navigate the file system, execute programs, and refine search results using manual pages. The section also explores command history, completion, and file management. It concludes with mastering the Visual Editor for security and administration.
Topics covered
- Kernel, Operating System, and Distributions
- Terminals and Manual pages
- Command History
- Navigation and File Management
- Visual Editor
Labs
- Introduction to Shell
- Linux Commands
- History and Navigating
- File Management
Section 2Shell Syntax and Account Management
This section expands on terminal skills, focusing on file search, grep usage, and system customization with variables and aliases. You will learn to manage accounts, groups, and file ownership. Advanced file management techniques, including creating, copying, moving, deleting, and using filters and pipes, are also covered.
Topics covered
- Searching the Filesystem
- Various Forms of Grep
- Environment Variables and Aliases
- Account Management and Switching Users
- Group Management and File Ownership
Labs
- Finding Files
- Grep and Environment Variables
- Aliases and Redirection Piping
- User and Group Management
- File Ownership
Section 3File and User Access Control
Section three covers user access control, least-privilege enforcement, and security in Linux. You will learn to manage users, groups, and permissions, translating skills from networking or Windows backgrounds. This section also covers securing administrative credentials and auditing system settings to ensure proper security configurations.
Topics covered
- File permissions
- Special permissions
- Sudoers
- SELinux and AppArmor
Labs
- File Permissions
- Special Permissions
- Permission Practical
- Sudoers Config
- System Hardening
Section 4Process and Log Management
As you migrate to the cloud and use containers, limiting resource consumption helps prevent unexpected costs and ensures server availability. In Section 4, you’ll learn to manage processes, handle core dumps, and enhance incident response with task scheduling, user activity records, and log management.
Topics covered
- Resource limits
- Process management and Scheduling
- Services, Systemd, and init
- Logging and Log Rotation
- Auditd
Labs
- Managing Processes
- Jobs Control
- Managing Crontab and Services
- Managing Log Files
Section 5Package, SSH, and Network Management
Section five covers package management, remote server management via SSH, and networking. You’ll learn to use package managers, manage Python virtual environments, and compile packages. The section also covers encryption, secure communication with SSH, SCP, OpenSSL, and managing networking and firewalls.
Topics covered
- Python package management
- Installing and Running Open-Source Software
- Linux package management
- SSH, Tunneling, and Post-Quantum Cryptography
- Networking and Firewalls
Labs
- Managing Python
- Installing with Apt and from Source
- SSH Keys, Config, Agent, and Forwarding
- Firewalls
Things You Need To Know
Course Schedule & Pricing
Looking for Group Purchasing Options?Contact Us
OnDemand Bundle
When purchasing a live, instructor-led course, add 4 months of online access. View price in the info icons below.
SANS Skills Quest by NetWars Core Edition
Add 6 months of hands-on skills practice. Add to your cart when purchasing your course.
Filter by:
Location & instructorDate & TimeCourse priceEnrollment options
- Location & instructor
Virtual (OnDemand)
Instructed by Charles GoldnerDate & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$7,650 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Washington, DC, US & Virtual (live)
Instructed by Charles GoldnerDate & TimeFetching schedule..View event detailsCourse price$7,650 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Virtual (live)
Instructed by Charles GoldnerDate & TimeFetching schedule..View event detailsCourse price€7,190 EUR*Prices exclude applicable local taxesEnrollment options - Location & instructor
Las Vegas, NV, US & Virtual (live)
Instructed by Charles GoldnerDate & TimeFetching schedule..View event detailsCourse price$7,650 USD*Prices exclude applicable local taxes - Location & instructor
Orlando, FL, US & Virtual (live)
Date & TimeFetching schedule..View event detailsCourse price$7,650 USD*Prices exclude applicable local taxesEnrollment options
Showing 5 of 5
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 3I am learning new things that I never used before and remembering things I have forgot.
- Slide 2 of 3[SEC406] has a ton of useful knowledge around Linux.
- Slide 3 of 3I really like the way the course was presented. Great flow and easy to follow along with.
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources