Red Hat Enterprise SELinux Policy Administration: Expertise Exam
Preparation Guide
Overview
The EX429 SELinux Policy Administration Expertise Exam tests
the ability of an RHCE to modify parameters within the included
SELinux Policy in Red Hat Enterprise Linux and to configure
custom SELinux policies.
This guide provides information candidates may use in
preparing to take the SELinux Policy Administration Expertise
Exam. Red Hat is not responsible for the content or accuracy of
other guides, books, on-line resources, or any other information
provided by organizations or individuals other than Red Hat
Global Learning Services. Red Hat reserves the right to change
this Guide when appropriate and candidates who have enrolled in
forthcoming classes or exams are advised to check this guide
periodically for changes.
Performance-based Exams
This exam is a performance-based evaluations of system
administration skills and knowledge. Candidates perform a number
of routine system administration tasks and are evaluated on
whether they have met specific objective criteria.
Performance-based testing means that candidates must perform
tasks similar to what they perform on the job.
Prospective employers of people with the SELinux Policy
Administration Certificate of Expertise credential should verify
any and all claims by people claiming to hold one of this
credential by requesting their certificate number and verifying
it.
Authorized Training Partners
Only Red Hat and Red Hat Certified Training Partners
administer this exam. Prospective candidates should exercise due
diligence when purchasing a seat in an exam from a provider
other than Red Hat itself. They should verify that the provider
is, in fact, an authorized training partner in good standing.
Official scores for this exam come exclusively from Red Hat
Certification Central. Red Hat does not authorize examiners or
training partners to report results to candidates directly.
Scores on the exam are usually reported within five (5) US
business days.
Exam results are reported as section scores. Red Hat does not
report performance on individual items, nor will it provide
additional information upon request.
Preparation for the EX429 SELinux Policy Administration
Expertise Exam
Red Hat encourages all candidates for the SELinux Policy
Administration Expertise Exam to consider taking RHS429 Red Hat
Enterprise SELinux Policy Administration Attendance in this
class is not required, so one can choose to take just the exam.
Many successful candidates who have come to class already
possessing substantial skills and knowledge have reported that
the class made a positive difference for them.
While attending Red Hat classes can be an important part of
one's preparation to take this exam, attending class does not
guarantee success on the exam. Previous experience, practice,
and native aptitude are also important determinants of success.
Many books and other resources on system administration for Red
Hat's products are available. Red Hat does not officially
endorse any as preparation guides for its exam. Nevertheless,
you may find additional reading deepens understanding and can
prove helpful.
Components of the EX429 Exam
The EX429 exam is organized into two sections:
- SELinux Policy Writing: 2.5 hours
- Targeted Policy System Maintenance: 1.0 hours
In order to earn the EX429 SELinux Policy Administration
Certificate of Expertise, one must earn a score of 70 or higher
for SELinux Policy writing and a score of 80 or higher for
Targeted Policy System Maintenance.
Study Points for the Exam
Prerequisite skills for the Exam
Candidates must be a Red Hat Certified Engineer on a release
that is considered current in order to take this exam.
SELinux Policy Administration
Candidates should be able to perform the tasks listed below.
SELinux Policy Writing
- Specify an enforcement mode
- Specify a particular policy
- Update a system to use the latest SELinux packages
- Create and implement a custom policy module to support a
given service, including:
- Port bindings
- File and directory access
- Type transitions
- Default file types
- Booleans
- Type Aliases
- Targeted Policy System Maintenance
- Specify an enforcement mode
- Specify a particular policy
- Modify an existing policy including:
- Port bindings
- File and directory access
- Type transitions
- Default file types
- Booleans
- Type Aliases
- Backup/Restore a filesystem preserving SELinux
attributes
As with all Red Hat performance-based exams, configurations
must persist after reboot without intervention.
Red Hat Courses Covering These Skills
RHS429 Red Hat Enterprise SELinux Policy Administration
RHS429 provides a four day tutorial on SELinux and SELinux
policy writing. The first day of the course provides a
introduction to SELinux, how it operates within the Red Hat
targeted policy, and the tools used to manipulate it. The class
then will spend the remaining days learning how policies are
written, compiled, and debugged.