Linux Operations Playbook
RCCE students will learn Linux endpoint security including OS hardening, kernel security modules, filesystem permissions, SSH hardening, service management, and Linux audit subsystem configuration. RCCE students will learn to harden Linux operating systems following CIS Benchmarks, configure SELinux and AppArmor policies, implement secure filesystem permissions and access controls, harden SSH configurations and key management, manage systemd services and minimize attack surface, configure the Linux audit subsystem for security event collection, detect and investigate Linux-based attacks including privilege escalation, rootkit installation, and persistent backdoors, and manage Linux security patching. This operations-focused course delivers production-ready playbooks, checklists, and standard operating procedures. Starting from foundational concepts, RCCE students will learn to build repeatable day-to-day operational workflows that ensure consistency and quality. Students receive templates and frameworks they can customize and deploy immediately in their security operations, reducing time to operational effectiveness.
- Endpoint Security Engineers and EDR Analysts
- Windows and macOS Administrators managing privileges
- Identity and Access Management Engineers
- IT Security Operations Leads reducing attack surface
- Professionals implementing Linux Operations Playbook
- Execute hands-on tasks for linux operations playbook
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will learn — covering Linux OS hardening using CIS Benchmarks, SELinux and AppArmor policy configuration.
- Execute hands-on tasks for linux os hardening using cis benchmarks — covering SELinux and AppArmor policy configuration.
- Execute hands-on tasks for operational focus — covering Production-ready playbooks and checklists, Repeatable day-to-day security workflows.
- Execute hands-on tasks for attack & defense coverage — covering privilege escalation attempts, Investigate rootkit installations.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for user applications
- Execute hands-on tasks for system calls interface
- Execute hands-on tasks for hardware abstraction layer
- Execute hands-on tasks for security relevance — covering Each layer is an attack, Kernel = highest privilege.
- Design a scalable privilege management architecture with policy and enforcement, including Owner-based permissions, and System-enforced policies.
| Module 01 | Linux Operations Playbook |
| Module 02 | Course Overview |
| Module 03 | What You Will Learn |
| Module 04 | Linux OS hardening using CIS Benchmarks |
| Module 05 | Operational Focus |
| Module 06 | Attack & Defense Coverage |
| Module 07 | Linux Architecture Fundamentals |
| Module 08 | User Applications |
| Module 09 | System Calls Interface |
| Module 10 | Hardware Abstraction Layer |
| Module 11 | Security Relevance |
| Module 12 | Linux Security Model |
| Module 13 | RBAC (Role-Based) |
| Module 14 | Key Principle: Defense in Depth |
All hands-on labs run on Rocheston Rose X OS. Students practice linux operations playbook by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for linux operations playbook
- Lab 2: Explain Course Overview fundamentals
- Lab 3: Execute hands-on tasks for what you will learn
- Lab 4: Execute hands-on tasks for linux os hardening using cis benchmarks
- Lab 5: Execute hands-on tasks for operational focus
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Linux Operations Playbook, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI