CHAPTER 4 HARDENING OPERATING SYSTEM
4.1 Configure Windows services
BIOS is the program a personal computer's microprocessor uses to get the computer system started after it is turned on.
It manages data flow between the computer's OS and attached devices (hard disk, video adapter, keyboard, mouse, printer).
Purpose: to set up the hardware and then load and start an OS. The BIOS instructs the computer on how to perform a number of basic functions such as booting and keyboard control.
4.1.2 Explain the Windows registry
The Windows registry, usually referred to as the registry, is a collection of databases of configuration settings in the Microsoft Windows operating system.
4.1.3 Use RootkitRevealer for rootkit detection
Define rootkit: a term used to describe the mechanisms and techniques whereby malware, including viruses, spyware and trojans, attempts to hide its presence from spyware blockers, antivirus and system management utilities.
RootkitRevealer is a proprietary freeware tool for rootkit detection on Microsoft Windows. It runs on Windows XP and Windows Server 2003 (32-bit versions only).
4.1.4 Configure Windows services to disable all unneeded services
The best way to minimize the possible attack surface is to turn off services that are not required.
The BIOS user interface can perform functions such as:
setting the system clock
enabling and disabling certain system components
hardware configuration
selecting boot drives
setting password prompts for secured access to BIOS user interface functions (BIOS security)
4.1.1 Define BIOS security
BIOS security might support many different security features to protect BIOS settings and data on the hard drive, and also to help recover the computer if it is stolen.
Ways to protect the BIOS:
use a BIOS password
flash the BIOS
configure the BIOS
4.2 KERBEROS AUTHENTICATION AND DOMAIN SECURITY
4.2.1 Explain Kerberos authentication and domain security
Kerberos
is a computer network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
A domain security policy is a security policy that is specifically applied to a given domain or set of computers or drives in a given system.
4.2.2 Explain trust relationships between domains
Trust relationships are an administration and communication link between two domains.
Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data sent over an IPv4 network.
4.3 Implement the infrastructure authentication auditing of Windows
4.3.1 Explain Windows Server authentication
Windows authentication is best suited for an internet environment for the following reasons:
client computers and web servers are in the same domain
administrators can make sure that every client browser is Internet Explorer 2.0 or later
4.3.2 Use the following tools in Windows Server to manage the set of policies
a) Security Configuration Wizard (SCW) is a software program that allows administrators to easily change a server's default settings
b) Security Configuration Editor is an MMC (Microsoft Management Console) snap-in (an add-on component) that makes it possible to edit many of the security settings discussed in this chapter using a friendly GUI
c) Active Directory Users and Computers
d) Group Policy Management Console (GPMC)
4.3.3 Explain Windows Server auditing and logging
1. Protect data by maintaining visibility and responding quickly to timely security alerts
2. Auditing and logging of security-related events and related alerts are important components in an effective data protection strategy
3. Security logs and reports provide you with an electronic record of suspicious activities and help you detect patterns that may indicate attempted or successful external penetration of the network as well as internal attacks
4. You can use auditing to monitor user activity, document regulatory compliance, perform forensic analysis and more
5. Alerts provide immediate notification when security events occur
secure identity
secure infrastructure
secure apps and data
4.3.4 Apply Windows certification authorities on clients
To distribute certificates to client computers by using Group Policy:
1. On the domain controller in the forest of the account partner organization, start the Group Policy Management snap-in
2. Find the existing Group Policy Object (GPO) or create a new GPO to contain the certificate settings. Ensure that the GPO is associated with the domain, site or organizational unit (OU) where the appropriate user and computer accounts reside
3. Right-click the GPO, then click Edit
4. In the console tree, open Computer Configuration
right-click Trusted Root Certification Authorities and then click Import
5. On the Welcome to the Certificate Import Wizard page, click Next
6. On the File to Import page, type the path to the appropriate certificate files and then click Next
7. On the Certificate Store page, click Place all certificates in the following store and then click Next
8. On the Completing the Certificate Import Wizard page, verify that the information you provided is accurate and then click Finish
9. Repeat steps 2 through 6 to add additional certificates for each of the federation servers in the farm
4.4 Linux security
Linux has always been a very secure operating system. It can still be attacked, but when compared to Windows, it is much more secure than Windows.
4.4.1 Explain user and file system security administration
read
This permission allows a user to open a file for reading, as well as look at the contents of a directory
write
This permission allows a user to open and modify existing files and create new files in a directory
execute
This permission allows a user to execute a file, provided it is a program
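The three permissions above map onto octal mode digits for owner, group and other. The following is an added example, not part of the original notes: it decodes a mode, lists files that any user may write to, and removes that bit. The file names and the temporary directory are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original notes): read/write/execute bits in practice.

# describe_mode 754 -> rwxr-xr--  (one octal digit each for owner, group, other)
describe_mode() {
    out=""
    for d in $(printf '%s' "$1" | sed 's/./& /g'); do
        if [ $(($d & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
        if [ $(($d & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
        if [ $(($d & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    done
    printf '%s\n' "$out"
}

# List regular files under DIR that every user on the system may modify.
world_writable() {
    find "$1" -type f -perm -0002 | sort
}

# Remove the "other" write bit from those files, leaving owner/group bits alone.
tighten() {
    find "$1" -type f -perm -0002 -exec chmod o-w {} +
}

# Constructed sample tree (hypothetical file names) to run the audit against.
demo=$(mktemp -d)
touch "$demo/report.txt" "$demo/shared.log" "$demo/backup.sh"
chmod 644 "$demo/report.txt"
chmod 666 "$demo/shared.log"
chmod 750 "$demo/backup.sh"

for m in 644 666 750; do
    printf '%s = %s\n' "$m" "$(describe_mode "$m")"
done
echo "World-writable before:"; world_writable "$demo"
tighten "$demo"
echo "World-writable after:";  world_writable "$demo"
rm -rf "$demo"
```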
4.4.2 Describe the steps involved in configuring UNIX services
1. Insert the Windows Services for UNIX CD-ROM into the CD-ROM drive.
2. In the Windows Services for UNIX Setup Wizard dialog box, click Next.
3. In the User name box, type your name, and then type the name of your organization in the Organization box.
4. In the CD Key boxes, type the product key from the back of the CD-ROM case, and then click Next.
5. Read the End User License Agreement (EULA), click I accept the terms and click Next.
6. Click Standard Installation and click Next.
7. In the Security Settings box, click the security option you want to use.
8. In the User Name Mapping box, type the name, then click Next to complete the installation.
9. Restart the computer to complete the installation.
4.4.3 Explain the framework of Pluggable Authentication Modules (PAM)
Programs that require authentication only need to know that there is a module available that will perform the authentication for them.
PAM uses a pluggable modular architecture, which affords the system administrator a great deal of flexibility in setting authentication policies for the system.
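To make the pluggable architecture concrete, the following added example (not part of the original notes) parses a PAM service file and lists which modules the administrator has plugged into each management group. The sample configuration is constructed, modelled on a typical `/etc/pam.d` service file, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original notes): which modules does a PAM stack plug in?
# Each rule line in a PAM service file reads:  type  control  module  [arguments]

# Constructed sample modelled on a typical /etc/pam.d service file.
sample_pam() {
    cat <<'EOF'
# auth: who are you?   account: may you log in?   session: set-up/tear-down
auth      required                    pam_env.so
auth      [success=1 default=ignore]  pam_unix.so nullok
auth      requisite                   pam_deny.so
auth      required                    pam_permit.so
account   required                    pam_unix.so
-session  optional                    pam_systemd.so
EOF
}

# pam_modules FILE TYPE -> "control module" per rule of that type, in stack order.
pam_modules() {
    awk -v want="$2" '
        NF == 0 || $1 ~ /^#/ { next }         # skip blank lines and comments
        {
            kind = $1
            sub(/^-/, "", kind)               # "-" prefix: do not log if module is missing
            if (kind != want) next
            ctrl = $2; i = 3
            if (ctrl ~ /^\[/)                 # bracketed control spans several fields
                while (ctrl !~ /\]$/ && i <= NF) { ctrl = ctrl " " $i; i++ }
            print ctrl, $i
        }' "$1"
}

# Rules that accept empty passwords (pam_unix "nullok") deserve review when hardening.
nullok_rules() {
    grep -n 'pam_unix\.so.*nullok' "$1" || true
}

f=$(mktemp)
sample_pam > "$f"
for t in auth account session; do
    echo "== $t =="; pam_modules "$f" "$t"
done
echo "== rules allowing empty passwords =="; nullok_rules "$f"
rm -f "$f"
```

The application only names its service; swapping or adding a module is an edit to this file, with no change to the program itself.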