Detailed Course Outline
Module 1: Course Introduction
- Introductions and course logistics
- Course objectives
Module 2: SaltStack Config Overview and Architecture
- Identify the SaltStack Config deployment types
- Identify the components of SaltStack Config
- Describe the role of each SaltStack Config component
Module 3: SaltStack Config Security
- Describe local user authentication
- Describe LDAP and Active Directory authentication
- Describe the roles and permissions in vRealize Automation for SaltStack Config
- Describe the roles and permissions in SaltStack Config
- Describe the SecOps permissions in SaltStack Config
- Describe the advanced permissions available in SaltStack Config
Module 4: Targeting Minions
- Describe targeting and its importance
- Target minions by lists
- Target minions by glob
- Target minions by minion ID
- Target minions by regular expressions
- Target minions by compound matching
- Target minions by complex logical matching
Module 5: Remote Execution and Job Management
- Describe remote execution and its importance
- Describe functions and arguments
- Create and manage jobs
- Use the Activities dashboard
Module 6: SaltStack Config State
- Define the SaltStack states
- Describe file management in SaltStack Config
- Create the SaltStack state files
- Identify the components of a SaltStack state
Module 7: Using Jinja and YAML
- Describe the SaltStack Config renderer system
- Use YAML in the state files
- Use Jinja in the state files
- Use Jinja conditionals, lists, and loops
Module 8: Using SaltStack SecOps Compliance
- Describe the SaltStack SecOps architecture
- Describe CIS and DISA STIG benchmarks
- Describe the SaltStack SecOps Compliance security library
- Create and manage the policies
- Create and manage the custom checks
- Run assessments on the minion systems
- Use SaltStack SecOps to remediate the noncompliant systems
- Manage the SaltStack SecOps Compliance configuration options
- Manage the benchmark content ingestion
Module 9: Using SaltStack SecOps Vulnerability
- Describe Common Vulnerabilities and Exposures (CVEs)
- Use the vulnerability dashboard
- Create and manage the policies
- Update the vulnerability library
- Run the vulnerability scans
- Remediate the vulnerabilities
- Manage the vulnerability exemptions