4. OPERATING SYSTEM
FEATURES
- Management of resources:
- Processor management - applications are allocated execution time by OS
- Memory management - allocation of real or virtual memory to applications
- Peripheral device drivers - print spooling, etc.
- File system - Logical, hierarchically organizing, storing/retrieving data, securely/reliably providing abstractions:
File, File name, Directory, instead of logical addresses: block, track, cylinder, surface, sector no's
- I/O - Human Computer Interaction (HCI), keyboard, mice, monitor, etc.
- Networking - Communicate with other machines, via cable or WiFi
- Security - Protection from data theft, damage, disruption of service, etc.
- OS's
Windows - Microsoft
Android - Google
iPhone/MAC - Apple
Linux - Community/GNU/Linux
- Device Driver
- Device controller program.
- Interface - OS/programs access HW without HW details.
- Driver - device communication by computer bus.
- Calling program invokes a routine in the driver, which issues commands to the device; the device returns data, then the driver invokes routines in the calling program.
- Drivers are HW-dependent/OS-specific.
- Provide interrupt handling for asynchronous time-dependent hardware interface.
- Internet of Things & Smart-X
- Smart devices are networked electronic devices with some degree of autonomy (AI). Usually involve sensors and actuators.
- The Internet of Things (IoT) is network of smart devices.
- Smart cities use these technologies to improve quality of life.
- TOOLS
- msconfig Tabs: General, Boot, Services, Startup, Tools
- regedit Windows registry editor
- Windows Update. Security/program updates (for all users + Administrators). Control scheduling/installation
ACTIVE DIRECTORY
Windows Server: hierarchical network directory service. Managing user permissions/access to network resources. Kerberos authentication protocol
- Windows registry - hierarchical database that contains configurations/settings for software, hardware, user profiles on a computer.
- User Profiles
- Each user has a folder inside the Users folder
- Subfolders containing documents, application settings, etc
- NTUSER.DAT file
- Registry file contains the registry settings for user account.
- Default profile - Loads first time user logs on - Stored in Users\Default
- Mandatory profile - Rename Ntuser.dat to Ntuser.man (not user configurable)
- Local Group Policy
- Microsoft Management Console (MMC) uses snap-ins that provide a single user interface to control what all users of a PC (when logged on) can/cannot do
- Stored in local registry of PC, settings OS dependent
- Local Group Policy Editor (gpedit.msc)
- Computer configuration – startup
- User configuration – logon
- Resultant Set of Policy (RSoP) reports on the effect of Active Directory Group Policy settings on the network of users, computers and GPOs, when the local security policy is applied.
- Group Policy
- Windows Server feature
- Central management
- Takes precedence over Local Group Policy (local, site, domain, OU)
- More settings than Local Group Policy
- Used to restrict user actions posing security risks
- Disabling executable downloads
- Blocking access to network locations
- Blocking access to applications
- Administration of Group Policies using GPOs (Group Policy Objects)
- The Group Policy Management Console. Creates/manages/implements group policy objects - links them to a domain or OU (Operational Unit)
- The Group Policy Object Editor. Used to configure and modify settings in any group policy object.
- Network Domain
Server running Active Directory Domain Service (ADDS) - domain controller. It authenticates and authorizes all users and computers in a Windows domain.
- Centralized administration of an entire network from a single computer called a server.
- Domain: User log-on at any networked computer
- Users access to resources with permissions.
THREATS & SECURITY
- Malware
- Disrupts operation, gathers information for exploitation. Performs actions other than the intended features. Includes:
- Virus – Malicious, self-replicates to other programs. Damaging activities: corrupting/deleting data, reformatting. Transferable via network, Internet, removable media
- Worms – Exploit network security vulnerabilities to spread to other networked computers
- Trojan Horses – Seem harmless but perform malicious activities
- Spyware – Gathers personal information for exploitation
- Adware – Generates unsolicited advertisements
- Countermeasures
- Build systems securely from ground up
- Cryptography
- Network firewalls
- Intrusion detection systems
- Two factor authentication
- User training
- Backup data
- Antivirus
- Computer Security
- Backdoor (bypassing authentication)
- Denial-of-service-attacks (making a resource unavailable)
- Direct-access attacks (gaining physical access)
- Eavesdropping (intercepting communications)
- Phishing (scam emails for details from users)
- Social engineering (psychological manipulation of people into divulging confidential information.)
- Tampering (physically modifying products)
- Spoofing (masquerading as a valid entity by falsifying data)
- MITM (Man In The Middle Attacks)
- Step 1: Interception:
Initial eavesdropping before internet traffic reaches its destination:
- IP spoofing: IP spoofers fake the source, changing data packet identifier tags, to be recognized as a legitimate website/service.
- ARP spoofing: sends a false ARP message over a LAN so that the hacker’s MAC (Media Access Control) address is linked to an IP (Internet Protocol) address, in order to receive all your data.
- DNS cache poisoning attack/spoofing: change DNS cache translations to redirect to a fake site
- Step 2: Decryption
- HTTPS spoofing: Hacker installs a spoofed root security certificate so browser gives encryption key (emails or online chats)
- SSL BEAST (Browser Exploit Against SSL/TLS). Hackers exploit CBC (Cipher Block Chaining) to decrypt the data.
- SSL hijacking: Attacker PC intercepts and serves as bridge between HTTP and HTTPS. All traffic rerouted through hacker.
- SSL stripping: Attacker in the middle intercepts HTTPS (secure) and replies with stripped HTTP (non-secure). Rerouting via proxy server or ARP spoofing.
- root
- Windows equivalent = administrator
- AKA superuser
- full rights
SOFTWARE LICENSING
- Proprietary Software
- Program is under restrictive copyright
- Source code is hidden from the users
- Free Software
- Read, modify the source code
- Redistribute the program and code
- Open Source
- All the above but without pressure to comply with these rules.
- Source code is public.
- Can be open source first, then sold as proprietary software
- Freeware
- Copyrighted software that may be used free of charge
- Shareware
- Copyrighted software that may be used free of charge for a trial period, user pays for continued use or license.