Chapter 4: Hardening Operating Systems
4.1.1 Define BIOS security
BIOS (basic input/output system)
The program a personal computer's microprocessor uses to get the computer system started after it is turned on.
Manages data flow between the computer's operating system and attached devices such as the hard disk, video adapter, keyboard, mouse and printer.
4.1.2 Explain Windows Registry
Usually referred to as just the registry; a database of configuration settings in Microsoft operating systems.
Used to store much of the information and settings for software programs, hardware devices, user preferences, operating system configurations, and much more.
4.1.3 Use RootkitRevealer for rootkit detection
The term rootkit describes the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempts to hide its presence from spyware blockers, antivirus, and system management utilities.
4.1.4 Configure Windows services to disable all unneeded services
4.2.1 KERBEROS AUTHENTICATION
computer network authentication protocol that works on the basis of tickets.
allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
designers aimed it primarily at a client–server model and it provides mutual authentication.
Kerberos protocol messages are protected against eavesdropping and replay attacks
4.2.2 ADVANTAGE OF KERBEROS AUTHENTICATION
standards-based protocol
the determining factor in the classification of an enclave of servers/computers.
A network with a different security domain is kept separate from other networks.
Examples: NIPRNet, SIPRNet, JWICS, and NSANet are all kept separate.
Internet protocol security (IPsec) is a set of protocols that provides security for Internet Protocol.
It can use cryptography to provide security.
IPsec can be used for the setting up of virtual private networks (VPNs) in a secure manner.
Also known as IPSecurity.
Windows Server authentication
secure form of authentication because the user name and password are hashed before being sent across the network.
Security Configuration Wizard
A software program that allows administrators to easily change a server's default security settings.
Three main components
A wizard interface
A command-line interface
A security configuration database
4.4.1 Explain User & File system security administration
multiuser system, which means that all the users who are logged in to a system can read and use files that belong to one another, as long as they have the file permissions to do
4.4.2 Describe steps involved in configuring UNIX services
4.4.3 Explain Framework of Pluggable Authentication Module (PAM)
enables multiple authentication technologies to be added without changing any of the login services
the application calls the PAM API
the request is forwarded to the appropriate authentication module, one or more (a stack)
configuration is done via a pam.conf file