Passed EX415 Security

The last one to attain RHCA.

EX415 Exam Experience

I took an individual exam that was based on RHEL 7.5. I had a minor network issue at the start of the exam, but it went away and luckily, made no impact.

The task list is sufficient for a 4-hour exam, but it isn’t the most challenging one. I feel that knowing Ansible and Satellite helped me a great deal. Also, EX415 is the exam where it can take more time to test and verify the solution than to implement it.

The exam score came back 235/300.

The result is fair. I solved all questions, some in full, some not so much. The exam score reflects that.

Exam Preparation in Numbers

The exam objectives cover several different topics. I spent around 45 hours going through the course and studying documentation (SELinux and auditd have a lot of material), and 40 hours labbing.

I’m not new to LUKS, but NBDE with Tang and Clevis was something that I spent a fair share of time looking into.

16 thoughts on “Passed EX415 Security”

  1. Hey Tomas, what study material would you recommend for the exam? You helped me greatly with RHCE and I would like your advice on the EX415. It doesn’t look like I’ll be able to obtain a subscription with Red Hat learning (too expensive), and I would need to self-study. Would it be possible to do this without the class?

    • RHEL 7 Security Guide. It covers a lot of material and, I believe, all non-Satellite related exam objectives.

      You need to know how to use Satellite with OpenSCAP, so get Foreman with Katello installed and have a play with it.

  2. Congratulations on passing the exam, and also for this site, that you have created!
    EX415 Security is different than the EX413 Server Hardening, I guess. What would you recommend as a study guide?
    EX413 has similar exam objectives with LPIC-3 Security.

  3. Congrats. Please tell me, do you know how to use USBGuard to create an allow rule for a specified filesystem?

    • Hi, I’d suggest to deploy a couple of CentOS VMs and go through the exam objectives. VMs with 2GB RAM each should be more than plenty.

      You can practise the following.

      Deploy a Tang server on one VM and then configure Clevis service on the other. Install and configure USBGuard, try inserting a USB storage device and configure rules to block access to it. Install and configure Aide, generate a report. Configure PAM rules to check for password quality, add a fail delay. Configure STIG audit rules. Get familiar with SELinux, there are plenty of hardening guides on the Internet to help you out. Install OpenSCAP Workbench and create some SCAP reports.

  4. How to create SCAP reports without using workbench? We would only have terminals and workbench is a graphical utility.

    • Hi, you can use the oscap command to scan a system and use the resulting XML file to generate a complete report in HTML format.

  5. Hi Sparsh, you can install workbench on the remote machine and connect via ssh -X servera, then run workbench on the remote machine and it will pop up on your host machine.

  6. Hi, I tested this exam yesterday
    but I failed.
    I got a zero score on the USBGuard and AIDE parts.
    What do you think happened?
    I did the configuration of USBGuard’s rule file and aide.conf.
    Please give me some hints :)

    • Hi, sorry to hear that. It’s likely that you misconfigured something, and as a result the grading script did not find what it was looking for. Practise the questions that you got zero scores for, and better luck next time!

  7. Hi,
    Do we need to enable GUI for running the scap-workbench? I am not sure how to perform the tailoring of SCAP policies without that tool.

    Any help will be appreciated.

    • Hi Don, you can enable GUI if you prefer that, or you can use X11 forwarding with SSH to run graphical applications remotely.
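The reply to comment 4 points to the oscap command and its resulting XML file. The script below is an added example, not part of the original post or comments, that reads such a results file in a terminal and lists the rules that did not pass, which is the part you verify before generating the HTML report. It assumes the file was written by `oscap xccdf eval --results results.xml` and uses the XCCDF 1.2 namespace; the sample document and its rule IDs are constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET
from collections import Counter

# Assumption: XCCDF 1.2 namespace; adjust for content written against XCCDF 1.1.
NS = {"x": "http://checklists.nist.gov/xccdf/1.2"}

# Constructed sample, trimmed to the elements this script reads.
SAMPLE = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_demo_benchmark_x">
 <TestResult id="xccdf_demo_testresult_x">
  <rule-result idref="xccdf_demo_rule_aide_installed" severity="medium"><result>pass</result></rule-result>
  <rule-result idref="xccdf_demo_rule_usbguard_enabled" severity="high"><result>fail</result></rule-result>
  <rule-result idref="xccdf_demo_rule_pam_pwquality" severity="medium"><result>fail</result></rule-result>
  <rule-result idref="xccdf_demo_rule_grub_password" severity="low"><result>notapplicable</result></rule-result>
  <score system="urn:xccdf:scoring:default" maximum="100">33.3</score>
 </TestResult>
</Benchmark>"""


def summarise(xml_data):
    """Return result counts, non-passing rules and score from the last TestResult."""
    root = ET.fromstring(xml_data)
    runs = root.findall(".//x:TestResult", NS)
    if root.tag == "{%s}TestResult" % NS["x"]:
        runs.append(root)  # file whose root element is the TestResult itself
    if not runs:
        raise ValueError("no XCCDF 1.2 TestResult element found")
    run = runs[-1]  # the most recent scan in the file
    counts, attention = Counter(), []
    for rr in run.findall("x:rule-result", NS):
        outcome = (rr.findtext("x:result", "unknown", NS) or "unknown").strip()
        counts[outcome] += 1
        # Anything that is not a clean pass or a skipped rule needs a look.
        if outcome in ("fail", "error", "unknown"):
            attention.append((rr.get("severity", "unknown"), rr.get("idref"), outcome))
    score = run.findtext("x:score", None, NS)
    return {"counts": dict(counts), "attention": sorted(attention),
            "score": float(score) if score else None}


if __name__ == "__main__":
    # Usage: python3 this_script.py results.xml  (no argument: use the sample)
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    report = summarise(data)
    print("score:", report["score"], "counts:", report["counts"])
    for severity, rule, outcome in report["attention"]:
        print(f"{outcome:8} {severity:8} {rule}")
```

The HTML report itself comes from `oscap xccdf generate report results.xml > report.html`, run against the same results file.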
