Extend fundamentals course to discuss build/distribution security

[david-a-wheeler]

The existing OpenSSF fundamentals course has some material on build and distribution security. It'd be useful to expand that using information from SLSA, SSC, and other materials.

Completing this would fulfill this issue: ossf/wg-best-practices-os-developers#92