Modern enterprises rely on Linux for critical workloads. SELinux (Security-Enhanced Linux) is one of the most powerful but often misunderstood security technologies in the Linux ecosystem. Without proper training, teams often leave SELinux disabled or misconfigured, exposing systems to unnecessary risks.

This course enables your staff to:
• Confidently understand and manage SELinux
• Apply least-privilege principles in enterprise environments
• Troubleshoot SELinux issues effectively
• Strengthen overall Linux system security posture

Audience:
System administrators, DevOps engineers, security teams, and IT professionals
responsible for Linux system security.

What Participants Will Learn

By the end of the course, participants will:
• Understand SELinux architecture, components, and policy model
• Configure and manage SELinux users, roles, and types
• Apply Role-Based Access Control (RBAC) and Type Enforcement (TE)
• Use Multi-Level and Multi-Category Security (MLS/MCS) in real-world scenarios
• Create and manage SELinux policies
• Troubleshoot with audit logs and policy tools
• Apply SELinux in networking, virtualization, and containers

Training Modules

• Introduction to SELinux
• Core SELinux Components
• Mandatory Access Control (MAC)
• SELinux Users
• Role-Based Access Control (RBAC)
• Type Enforcement (TE)
• MLS & MCS
• Security Contexts
• Creating a Basic Security Policy
• Computing Security Contexts and Access Decisions
• Subjects
• Objects
• Domain / Object Transitions
• SELinux Policies
• SELinux Audit
• Userspace Libraries
• SELinux Networking
• SELinux Virtual Machines and Containers
• SELinux Configuration Files
• SELinux Policy Store
• Policy Languages
• Kernel Policy Language
• Reference Policy
• Hardening SELinux
• SELinux-Aware Applications

Training Schedule (2 Days)

Day 1 – Foundations
• SELinux Overview and Core Components
• Mandatory Access Control (MAC)
• SELinux Users and Role-Based Access Control (RBAC)
• Type Enforcement (TE)
• MLS and MCS and Security Contexts

Day 2 – Advanced Topics and Hands-On
• Writing and Managing SELinux Policies
• Computing Security Contexts and Access Decisions
• Subjects, Objects and Domain Transitions
• SELinux Audit and Troubleshooting
• SELinux in Practice: Networking, Virtualization, Containers
• Policy Store
• SELinux Hardening
• SELinux-Aware Applications

Each day runs 09:00–17:00 with lunch and coffee breaks.

Key Takeaways
After the course, your team will have practical skills to configure, manage, and troubleshoot SELinux. They will be able to enforce strong security boundaries on Linux systems. They will
understand how to integrate SELinux in enterprise IT environments. They will improve system resilience against misconfigurations and attacks.

Delivery
Format: Instructor-led training, with hands-on labs and real-world examples
Duration: 2 full days (09:00–17:00)
Requirements: Basic Linux administration skills