4.0 Hardening Operating System
4.1.1 Define A BIOS Security
Basic Input/Output System (BIOS)
the program a personal computer's microprocessor uses to get the computer system started after it is turned on.
manages data flow between the computer's operating system and attached devices such as:
i) hard disk
ii) video adapter
iii) mouse, printer, keyboard
4.2.1 Explain Kerberos Authentication and Domain Security
a computer network authentication protocol.
works on the basis of tickets to allow nodes to communicate.
Benefits of using Kerberos Authentication
More efficient authentication to servers.
security policy that is specifically applied to a given domain.
set of computers.
system administrators use this security policy to set security protocols for part of the network.
4.1.2 Explain Windows Registry
a collection of databases of configuration settings in Microsoft Windows operating systems.
used to store a wide range of information and settings.
4.1.3 Use RootkitRevealer for Rootkit Detection
Rootkit: a term used to describe the mechanisms and techniques whereby malware, including viruses, spyware and trojans, attempts to hide its presence from spyware blockers, antivirus, and system management utilities.
4.1.4 Configure Windows Services to Disable All Unneeded Services
Every version of Windows has shipped with a core set of system services that must run so that the system can perform basic operations.
your organization may not necessarily need to have all the services running, and disabling unnecessary services
This is not a definitive list of services that can be disabled; these are just some obvious ones
4.2.2 Explain Trust Relationship between Domains
an administration and communication link between two domains.
enables user accounts and global groups to be used in a domain other than the domain where the accounts are defined.
makes it possible for users in one domain to be authenticated by a domain controller in the other domain.
only members of the Domain Admins group can manage trust relationships.
4.2.3 Explain IP Security
a framework of open standards for helping to ensure private, secure communications over IP networks.
supports network-level data integrity, data confidentiality, data origin authentication and replay protection.
Implement authentication features to protect IP
Helps provide defense-in-depth against:
Two modes of operation
4.4.1 USER AND FILE SYSTEM SECURITY ADMINISTRATION
File system is defined during the creation of a partition.
File system determines how and where files are placed on a hard drive with a goal of trying to optimize data retrieval speed.
4.4.2 DESCRIBE STEPS INVOLVED IN CONFIGURING UNIX SERVICES
Perform a standard installation.
Perform a custom installation.
4.4.3 FRAMEWORK OF PLUGGABLE AUTHENTICATION MODULE (PAM)
a mechanism to integrate multiple low-level authentication schemes into a high-level application programming interface (API). It allows programs that rely on authentication to be written independently of the underlying authentication scheme.
4.3.1 Explain Windows Server Authentication
an application that facilitates authentication of an entity that attempts to access a network.
can reside in a dedicated computer, an Ethernet switch, an access point or a network access server.
Authentication is the process of determining whether someone or something is actually who or what it declares itself to be.
4.3.2 Use the following tools in Windows Server to manage the set of policies
a) Security Configuration Wizard (SCW)
a software program that allows administrators to easily change a server's default security settings.
b) Security Configuration Editor
an administration tool that reduces both security management and analysis time.
to configure the operating system security parameters.
Once these parameters are in place, you can use the Security Configuration Editor to schedule periodic tests.
c) Active Directory Users and Computers
an MMC snap-in that is a standard feature of Microsoft Windows Server operating systems.
d) Group Policy Management Console (GPMC)
import, export, copy, paste, back up and restore GPOs
4.3.3 Explain Windows Server Auditing and Logging
a log that contains records of login/logout activity or other security-related events specified by the system's audit policy.
one of three logs viewable under Event Viewer. Local Security Authority Subsystem Service writes events to the log.
one of the primary tools used by administrators to detect and investigate attempted and successful unauthorized activity and to troubleshoot problems.
4.3.4 Apply Windows Certification Authorities on Clients
responsible for attesting to the identity of users, computers, and organizations.
The CA authenticates an entity and vouches for that identity by issuing a digitally signed certificate.
The CA can also manage, revoke, and renew certificates.