VMware vRealize Automation SaltStack SecOps: Deploy and Manage [V8.6] (EDU-VRASSSODM86)

This two-day, hands-on training course provides you with the advanced knowledge, skills, and tools to achieve competency in using VMware vRealize® Automation SaltStack® SecOps. SaltStack SecOps allows you to scan your system for compliance against security benchmarks, detect system vulnerabilities, and remediate your results. This course enables you to create the SaltStack SecOps custom compliance libraries and use SaltStack SecOps. In addition, this course provides you with the fundamentals of how to use VMware vRealize® Automation SaltStack® Config to install software and manage system configurations.


Objectives

By the end of the course, you should be able to meet the following objectives:

  • Describe the architecture of SaltStack Config and SaltStack SecOps
  • Integrate SaltStack Config with directory services.
  • Configure roles and permissions for users and groups to manage and use SaltStack SecOps
  • Use targeting to ensure that the jobs run on the correct minion systems
  • Use remote execution modules to install the packages, transfer files, manage services, and manage users on minion systems
  • Manage configuration control on the minion systems with states, pillars, requisites, and declarations
  • Use Jinja and YAML code to manage the minion systems with the state files
  • Enforce the desired state across minion systems automatically
  • Use SaltStack SecOps to update the compliance and vulnerability content libraries
  • Use SaltStack SecOps to enforce compliance and remediation on the infrastructure with industry standards
  • Use SaltStack SecOps to provide automated vulnerability scanning and remediation on your infrastructure

 

Intended Audience

Security administrators who are responsible for using SaltStack SecOps to manage the security operations in their enterprise

 

Prerequisites

You should have the following understanding or knowledge:

  • Basic Linux administration skills
  • Basic Windows administration skills
  • Knowledge and working experience of VMware vSphere® environments

 

Product Alignment

  • VMware vRealize® Automation SaltStack® Config 8.6
  • VMware vRealize® Automation SaltStack® SecOps 8.6
  • VMware vRealize® Automation 8.7
Mostra dettagli


Course Outline

1 Course Introduction

  • Introductions and course logistics
  • Course objectives


2 SaltStack Config Architecture  

  • Identify the SaltStack Config deployment types
  • Identify the components of SaltStack Config
  • Describe the role of each SaltStack Config component


3 SaltStack Config Security

  • Describe local user authentication
  • Describe LDAP and Active Directory authentication
  • Describe the roles and permissions in vRealize Automation for SaltStack Config
  • Describe the roles and permissions in SaltStack Config
  • Describe the SecOps permissions in SaltStack Config
  • Describe the advanced permissions available in SaltStack Config


4 Targeting Minions

  • Describe targeting and its importance
  • Target minions by minion ID
  • Target minions by glob
  • Target minions by regular expressions
  • Target minions by lists
  • Target minions by compound matching
  • Target minions by complex logical matching


5 Remote Execution and Job Management  

  • Describe remote execution and its importance
  • Describe functions and arguments
  • Create and manage jobs
  • Use the Activities dashboard


6 Configuration Control Through States, Pillars, Requisites, and Declarations  

  • Define the SaltStack states
  • Describe file management in SaltStack Config
  • Create the SaltStack state files
  • Identify the components of a SaltStack state
  • Describe pillar data and the uses of pillar data
  • Configure pillar data on the SaltStack Config master server
  • Use pillar data in variables in the state files
  • Describe the difference between IDs and names in the state files
  • Use the correct execution order
  • Use requisites in the state files


7 Using Jinja and YAML

  • Describe the SaltStack Config renderer system
  • Use YAML in the state files
  • Use Jinja in the state files
  • Use Jinja conditionals, lists, and loops


8 Using SaltStack SecOps Comply

  • Describe the SaltStack SecOps Comply architecture
  • Describe CIS and DISA STIG benchmarks
  • Describe the SaltStack SecOps Comply security library
  • Describe the remediation differences between SaltStack SecOps and VMware Carbon Black®
  • Create and manage the policies
  • Create and manage the custom checks
  • Run assessments on the minion systems
  • Use SaltStack SecOps to remediate the noncompliant systems
  • Manage the SaltStack SecOps Comply configuration options
  • Manage the benchmark content ingestion


9 Using SaltStack SecOps Protect

  • Describe Common Vulnerabilities and Exposures (CVEs)
  • Use the Protect dashboard
  • Create and manage the policies
  • Update the vulnerability library
  • Run the vulnerability scans
  • Remediate the vulnerabilities
  • Manage the vulnerability exemptions