
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.

1 Baselines, Chapter 14 (title slide)

2 Objectives
– Harden operating systems and network operating systems.
– Harden applications.
– Establish group policies.

3 Key Terms
– Application hardening
– Baseline
– Baselining
– Firmware update
– Globally unique identifier (GUID)
– Group policy
– Group policy object (GPO)
– Hardening
– Hotfix
– Network operating system (NOS)

4 Key Terms (continued)
– Operating system (OS)
– Patch
– Patch management
– Pluggable Authentication Modules (PAM)
– Process identifier (PID)
– Run levels
– Security template
– Service pack
– Shadow file
– TCP wrappers

5 Overview of Baselines
The process of establishing a system’s security state is called baselining. The resulting product is a security baseline: the documented, known-good configuration under which the system runs safely and securely. Once a baseline has been established for one system, any similar system can be configured from the same baseline to achieve the same level of security and protection. Uniform baselines are critical in large-scale operations, and they also give you a reference to audit against when a system drifts from its intended configuration.

6 Password Selection
The heart of the problem is that most systems today are protected only by a user ID and a password. Selecting a good password for every user account is critical to protecting information systems. This is especially true for servers: compromise of a server can expose the stored password hashes of every account on it, which an attacker can then crack offline or reuse against other systems.
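The following password check is an added example written for this page; it is not code from the textbook. It encodes the kind of selection rules the slide alludes to (minimum length, character classes, not a common password, not containing the user name) and adds a rough entropy estimate. The six-entry COMMON_PASSWORDS set is a constructed stand-in for a real breached-password list, and the 12-character and 50-bit thresholds are assumed policy values.

```python
import math

# Constructed stand-in for a breached-password list (assumption: a real check
# loads a large leaked-credential corpus, not six words).
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome", "admin"}


def character_classes(password: str) -> int:
    """Count the character classes present: lower, upper, digit, symbol."""
    return sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])


def estimated_entropy_bits(password: str) -> float:
    """Upper-bound guessing entropy: length * log2(alphabet implied by the classes used)."""
    pool = 0
    if any(c.islower() for c in password):
        pool += 26
    if any(c.isupper() for c in password):
        pool += 26
    if any(c.isdigit() for c in password):
        pool += 10
    if any(not c.isalnum() for c in password):
        pool += 33  # printable ASCII punctuation
    return len(password) * math.log2(pool) if pool else 0.0


def check_password(password: str, username: str, min_length: int = 12) -> list:
    """Return the policy violations for a candidate password; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if character_classes(password) < 3:
        problems.append("uses fewer than 3 character classes")
    # Strip trailing digits/punctuation so 'Password1!' is still caught as 'password'.
    stem = lowered.rstrip("0123456789!@#$%^&*.")
    if lowered in COMMON_PASSWORDS or stem in COMMON_PASSWORDS:
        problems.append("is a common password (with or without a trailing digit/symbol)")
    if username and username.lower() in lowered:
        problems.append("contains the user name")
    if len(set(lowered)) <= max(3, len(password) // 3):
        problems.append("too few distinct characters")
    if estimated_entropy_bits(password) < 50:
        problems.append("estimated entropy below 50 bits")
    return problems


if __name__ == "__main__":
    for pw, user in [("Password1!", "alice"), ("alice-Ranger-2024!", "alice"),
                     ("correct-Horse7-battery", "bob")]:
        print(pw, "->", check_password(pw, user) or "OK")
```

The entropy figure is an upper bound (it assumes every character was chosen uniformly from the pool), which is why the dictionary and user-name checks run regardless of the score: "Password1!" scores about 66 bits yet is rejected as a common password with a digit and symbol appended.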

7 Operating System and Network Operating System Hardening
Common hardening tasks:
– Disabling unnecessary services
– Restricting permissions on files and directories
– Removing unnecessary software
– Applying patches
– Removing unnecessary users
– Applying password guidelines
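A baseline is only useful if you can compare a live system against it. The auditor below is an added example for the two slides above (Overview of Baselines, and the hardening task list), not code from the textbook. It holds a small constructed baseline for a hypothetical web-tier host (the service, file-mode, login-account and package sets are assumptions, not a published standard) and a constructed "observed" state such as a collector script would report, and lists every item where the host is more permissive than the baseline: extra services, file modes with bits the baseline does not grant, extra login accounts, and packages that should not be installed.

```python
import os
import stat

# Constructed baseline for a hypothetical web-tier host (assumption: illustrative only).
# File modes are maximums: a file may be tighter than this, never looser.
BASELINE = {
    "services": {"sshd", "httpd", "rsyslogd", "crond"},
    "max_file_modes": {"/etc/shadow": 0o000, "/etc/passwd": 0o644,
                       "/etc/ssh/sshd_config": 0o600},
    "login_users": {"root", "webadmin"},
    "packages": {"openssh-server", "httpd", "rsyslog", "cronie"},
}

# Constructed observed state of one host, as a collector would report it.
OBSERVED = {
    "services": {"sshd", "httpd", "rsyslogd", "crond", "telnetd", "rpcbind"},
    "file_modes": {"/etc/shadow": 0o640, "/etc/passwd": 0o644,
                   "/etc/ssh/sshd_config": 0o644},
    "login_users": {"root", "webadmin", "guest"},
    "packages": {"openssh-server", "httpd", "rsyslog", "cronie", "telnet-server", "gcc"},
}


def mode_too_permissive(observed: int, maximum: int) -> bool:
    """True if the observed mode grants any permission bit the baseline maximum does not."""
    return bool((observed & 0o777) & ~maximum & 0o777)


def collect_file_modes(paths) -> dict:
    """Real collector for the file-mode part of the observed state (skips missing files)."""
    modes = {}
    for path in paths:
        try:
            modes[path] = stat.S_IMODE(os.stat(path).st_mode)
        except FileNotFoundError:
            pass
    return modes


def audit(baseline: dict, observed: dict) -> list:
    """Return human-readable findings; an empty list means the host matches the baseline."""
    findings = []
    for svc in sorted(observed["services"] - baseline["services"]):
        findings.append(f"service not in baseline: {svc}")
    for path, maximum in baseline["max_file_modes"].items():
        mode = observed["file_modes"].get(path)
        if mode is None:
            findings.append(f"file missing: {path}")
        elif mode_too_permissive(mode, maximum):
            findings.append(f"{path} mode {mode:04o} exceeds baseline {maximum:04o}")
    for user in sorted(observed["login_users"] - baseline["login_users"]):
        findings.append(f"unexpected login account: {user}")
    for pkg in sorted(observed["packages"] - baseline["packages"]):
        findings.append(f"package not in baseline: {pkg}")
    return findings


if __name__ == "__main__":
    for finding in audit(BASELINE, OBSERVED):
        print("FAIL", finding)
```

Note the direction of the comparison: the check is "not looser than the baseline", so a file that is tighter than expected (0600 where the baseline allows 0644) is not reported, while an extra group-read bit on /etc/shadow is. In practice the observed sets come from the host (running services from ps or the service manager, accounts with a login shell from /etc/passwd, packages from rpm or dpkg); collect_file_modes shows the file-mode part against the real filesystem.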

8 Hardening Windows Server 2003
– IIS 6 isolates individual web applications in separate worker processes.
– 19 services that ran by default under Windows 2000 are disabled by default under Server 2003.
– Two new service accounts with lower privilege levels (Local Service and Network Service) were introduced so that services need not run as Local System.
– Security Configuration Wizard (SCW).
– Software Restriction Policy (SRP).
– Enhanced audit capabilities.
– Network Access Quarantine Control.

9 Hardening Windows Vista
– User Account Control (UAC) runs users, including administrators, with standard-user privileges and prompts for consent or credentials only when a task needs elevation.
– Outbound filtering was added to Windows Firewall.
– BitLocker provides full-volume encryption of the Windows system volume.
– Vista clients work with Network Access Protection (NAP).
– Windows Defender is a built-in malware detection and removal tool.
– A new, more secure version of Internet Explorer (running in protected mode).

10 Vista’s User Account Control in Action (screenshot)

11 Hardening Windows Server 2008
– BitLocker encrypts the operating system volume and the data volumes on a server.
– Role-based installation of functions and capabilities minimizes the server footprint.
– Network Access Protection (NAP).
– Read-only domain controllers (RODCs) for locations where physical security is weaker.
– More granular (fine-grained) password policies, so different groups in one domain can have different policies.
– IIS 7 administration of web sites and web applications.

12 Windows 2008 Initial Configuration Tasks (screenshot)

13 Hardening UNIX- or Linux-based Operating Systems
General UNIX hardening follows the same steps as hardening a Windows OS:
– Disable unnecessary services
– Restrict permissions on files and directories
– Remove unnecessary software
– Apply patches
– etc.

14 Hardening UNIX- or Linux-based Operating Systems (continued): ps command run on a Fedora 10 system (screenshot)

15 Hardening UNIX- or Linux-based Operating Systems (continued): Service configuration utility from a Fedora 10 system (screenshot)

16 Hardening Solaris
– Define the system’s purpose.
– Install the operating system.
– Install the software: pkgadd, pkgrm
– Patch the system: patchadd, patchrm, smpatch, pkgparam

17 Solaris Product Registry Tool (screenshot)

18 Sun Update Manager (screenshot)

19 Solaris Management Console (screenshot)

20 Hardening Solaris (continued)
TCP wrappers are filters that compare each incoming connection request against lists of authorized and unauthorized service/client pairs. They are controlled by two files:
– hosts.allow (checked first; a matching line grants access)
– hosts.deny (checked second; a matching line denies access)
If neither file matches, the connection is allowed, so a hosts.deny that ends with ALL : ALL is what turns the mechanism into a default-deny filter.
Other commands: chmod, chown, chgrp, useradd, passwd
Pluggable Authentication Modules (PAM).
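To make the allow-then-deny-then-default-allow order concrete, here is an added example (not code from the textbook or from the TCP wrappers project) that evaluates a constructed hosts.allow and hosts.deny the way tcpd does for IP-address clients. It supports the forms a practitioner meets most: daemon lists, ALL, dotted prefixes such as 192.168.1., net/mask, and the EXCEPT operator. Hostname patterns are left out because they depend on reverse DNS, which this offline example cannot do.

```python
import ipaddress

# Constructed example files (assumption: illustrative rules, not a real host's policy).
HOSTS_ALLOW = """\
# sshd from the admin LAN, except one quarantined workstation
sshd : 192.168.1. EXCEPT 192.168.1.200
# every wrapped service from the 10.0/16 data-centre network
ALL : 10.0.0.0/255.255.0.0
"""
HOSTS_DENY = """\
ALL : ALL
"""


def split_list(text: str) -> list:
    """hosts_access lists are separated by commas and/or whitespace."""
    return text.replace(",", " ").split()


def parse_rules(text: str) -> list:
    """Return [(daemon_tokens, client_tokens), ...]; comments and blank lines are skipped."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) >= 2:
            rules.append((split_list(parts[0]), split_list(parts[1])))
    return rules


def client_token_matches(token: str, client_ip: str) -> bool:
    if token == "ALL":
        return True
    if token.endswith("."):                 # dotted prefix: 192.168.1.
        return client_ip.startswith(token)
    if "/" in token:                        # net/mask (mask may be dotted or a prefix length)
        net, mask = token.split("/", 1)
        network = ipaddress.IPv4Network((net, mask), strict=False)
        return ipaddress.IPv4Address(client_ip) in network
    return token == client_ip               # exact address


def daemon_token_matches(token: str, daemon: str) -> bool:
    return token == "ALL" or token == daemon


def list_matches(tokens: list, value: str, matcher) -> bool:
    """'a b EXCEPT c d' matches when the left list matches and the right list does not."""
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return (list_matches(tokens[:i], value, matcher)
                and not list_matches(tokens[i + 1:], value, matcher))
    return any(matcher(tok, value) for tok in tokens)


def rule_matches(rule, daemon: str, client_ip: str) -> bool:
    daemons, clients = rule
    return (list_matches(daemons, daemon, daemon_token_matches)
            and list_matches(clients, client_ip, client_token_matches))


def access_allowed(daemon: str, client_ip: str,
                   allow_text: str = HOSTS_ALLOW, deny_text: str = HOSTS_DENY) -> bool:
    """tcpd order: first match in hosts.allow grants, first match in hosts.deny denies,
    and a request matching neither file is granted."""
    for rule in parse_rules(allow_text):
        if rule_matches(rule, daemon, client_ip):
            return True
    for rule in parse_rules(deny_text):
        if rule_matches(rule, daemon, client_ip):
            return False
    return True


if __name__ == "__main__":
    for daemon, ip in [("sshd", "192.168.1.10"), ("sshd", "192.168.1.200"),
                       ("ftpd", "10.0.42.7"), ("ftpd", "192.168.1.10")]:
        print(daemon, ip, "allow" if access_allowed(daemon, ip) else "deny")
```

The last test in the block below is the important caveat: with an empty hosts.deny, a client matched by nothing is let in. A hardening baseline should therefore always ship a hosts.deny with ALL : ALL and enumerate exceptions in hosts.allow.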

21 Hardening Linux: Fedora Add/Remove Software utility (screenshot)

22 Hardening Linux (continued): Fedora User Manager (screenshot)

23 Hardening Linux (continued): Fedora Firewall Configuration GUI (screenshot)

24 Hardening Mac OS X
Apple’s operating system is a BSD-derived variant of UNIX, so the same rough guidelines for all UNIX systems apply to Mac OS X. Platform-specific protections include:
– Mandatory access controls for system resources
– Tagged downloads (files fetched from the Internet are marked so the user is warned before they first run)
– Execute disable (non-executable memory pages)
– Library randomization
– FileVault (encryption of the user’s home directory)
– Application-aware firewall

25 Hardening Mac OS X (continued): Firewall utility in Mac OS X 10.5 (screenshot)

26 Hardening Mac OS X (continued): Setting file permissions in Mac OS X (screenshot)

27 Updates
– Hotfix: a small software update that addresses a specific problem.
– Patch: a more formal, larger update that addresses several problems and is developed over a longer period of time.
– Service pack: a collection of patches and hotfixes in one large package.

28 XP Automatic Updates (screenshot)

29 Windows Update Utility in Vista (screenshot)

30 Fedora Software Package Update Utility (screenshot)

31 Network Hardening
Securing network infrastructure components typically involves the following activities:
– Software updates
– Device configuration

32 Software Updates
Maintaining current vendor patch levels for your infrastructure is one of the most important things you can do to maintain security. The different vendors for the different software and hardware must be tracked, and both the software and the firmware of each device must be kept current.

33 Device Configuration
Properly configured network devices (routers, switches, firewalls, servers, proxies, etc.) are an important part of network hardening. Some general steps:
– Limit access (management interfaces reachable only from administrative networks).
– Choose good passwords.
– Turn off unnecessary services.
– Change SNMP community strings (the factory defaults, public and private, are known to everyone).
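The four device-configuration steps above can be checked mechanically against a saved configuration. The script below is an added example, not from the textbook, that audits a constructed IOS-style router configuration excerpt (the hostname, community strings and ACL number are assumptions) for the things the slide lists: default or read-write SNMP communities, a reversible "enable password" instead of "enable secret", an unnecessary HTTP server, and vty lines that accept telnet or lack an access-class restricting where management sessions may come from.

```python
import re

# Constructed IOS-style configuration excerpt with the weak settings (assumption: illustrative).
WEAK_CONFIG = """\
hostname edge-rtr1
enable password cisco123
ip http server
snmp-server community public RO
snmp-server community private RW
line vty 0 4
 transport input telnet
 login
"""

# The same device after hardening (assumption: illustrative values).
HARDENED_CONFIG = """\
hostname edge-rtr1
service password-encryption
enable secret StrongEnablePw!
no ip http server
snmp-server community Zq7Lm9PwX4 RO 10
line vty 0 4
 access-class 10 in
 transport input ssh
 login local
"""

DEFAULT_COMMUNITIES = {"public", "private"}


def vty_stanza(lines: list) -> list:
    """Collect the indented lines that belong to the 'line vty' stanza."""
    stanza, inside = [], False
    for line in lines:
        if line.startswith("line vty"):
            inside = True
        elif inside and line.startswith(" "):
            stanza.append(line.strip())
        elif inside:
            inside = False
    return stanza


def audit_device_config(config: str) -> list:
    """Return findings for the general hardening steps; an empty list means none were hit."""
    findings = []
    lines = [line.rstrip() for line in config.splitlines()]
    for line in lines:
        m = re.match(r"snmp-server community (\S+)(?:\s+(RO|RW))?", line.strip())
        if not m:
            continue
        community, mode = m.group(1), m.group(2) or "RO"
        if community.lower() in DEFAULT_COMMUNITIES:
            findings.append(f"default SNMP community '{community}' ({mode}) must be changed")
        elif mode == "RW":
            findings.append(f"read-write SNMP community '{community}' should be removed or ACL-restricted")
    if any(line.startswith("enable password") for line in lines):
        findings.append("'enable password' stores a reversible secret; use 'enable secret'")
    if "service password-encryption" not in lines:
        findings.append("'service password-encryption' not set")
    if "ip http server" in lines:
        findings.append("unnecessary service enabled: ip http server")
    vty = vty_stanza(lines)
    if any(v.startswith("transport input") and "telnet" in v for v in vty):
        findings.append("vty accepts telnet (cleartext); use 'transport input ssh'")
    if not any(v.startswith("access-class") for v in vty):
        findings.append("vty has no access-class limiting management sources")
    return findings


if __name__ == "__main__":
    for name, cfg in [("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)]:
        print(name, audit_device_config(cfg) or "no findings")
```

The matching is deliberately literal (exact line text, a regex only for the SNMP line) so the checks are easy to read and to extend; a production tool would normalise the configuration first, since IOS accepts abbreviated keywords and the same setting can appear in several forms.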

34 Application Hardening
Securing an application against local and Internet-based attacks typically involves the following activities:
– Application patches
– Hotfixes, patches, upgrades
– Patch management

35 Patch Management
A disciplined approach to the acquisition, testing, and implementation of patches. A patch management capability should provide:
– An inventory of the applications and operating systems in use
– Notification of new patches
– Continual scanning of systems’ patch status
– Selection of which patches to apply
– Pushing patches to systems
– Reporting of patch success or failure
– Reporting of patch status on any or all systems in the environment
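The inventory, scanning and reporting items in that list reduce to one operation: comparing the version installed on each host with the version that carries the fix. The added example below (not code from the textbook) does that over a constructed inventory and a constructed "fixed-in" table; the package names and version numbers are assumptions chosen to exercise the comparison, not real advisories. The point it demonstrates is the version ordering: "2.2.15" must sort after "2.2.3", and "1.0.1g" after "1.0.1f", which naive string comparison gets wrong.

```python
import re

# Constructed table of minimum patched versions (assumption: illustrative, not real advisories).
REQUIRED = {"openssl": "1.0.1g", "httpd": "2.2.15", "bash": "4.1.2"}

# Constructed inventory as a scanner might report it: host -> {package: installed version}.
INVENTORY = {
    "web01": {"openssl": "1.0.1f", "httpd": "2.2.15", "bash": "4.1.2"},
    "web02": {"openssl": "1.0.1g", "httpd": "2.2.3", "bash": "4.1.2"},
    "db01": {"openssl": "1.0.1g", "bash": "4.1.2"},
}


def version_key(version: str) -> list:
    """Split '1.0.1g-3.el6' into comparable parts: numeric runs as ints, letter runs as strings.

    Each part is tagged so ints never compare against strs directly:
    (0, n) for numbers, (1, s) for letters; a missing trailing part sorts first,
    so 1.0.1 < 1.0.1g as OpenSSL's scheme intends."""
    key = []
    for part in re.findall(r"\d+|[A-Za-z]+", version):
        key.append((0, int(part)) if part.isdigit() else (1, part))
    return key


def missing_patches(installed: dict, required: dict) -> dict:
    """{package: (installed, required)} for every installed package below its fixed version."""
    missing = {}
    for pkg, fixed_in in required.items():
        have = installed.get(pkg)
        if have is None:
            continue  # not installed on this host: nothing to patch
        if version_key(have) < version_key(fixed_in):
            missing[pkg] = (have, fixed_in)
    return missing


def patch_report(inventory: dict, required: dict) -> dict:
    """Per-host gaps plus the roll-up figures a patch-status report needs."""
    per_host = {host: missing_patches(pkgs, required) for host, pkgs in inventory.items()}
    compliant = sorted(host for host, gaps in per_host.items() if not gaps)
    return {
        "hosts": per_host,
        "compliant": compliant,
        "coverage": len(compliant) / len(inventory) if inventory else 1.0,
    }


if __name__ == "__main__":
    report = patch_report(INVENTORY, REQUIRED)
    for host, gaps in report["hosts"].items():
        for pkg, (have, need) in gaps.items():
            print(f"{host}: {pkg} {have} < {need}")
    print(f"coverage: {report['coverage']:.0%} ({', '.join(report['compliant'])} compliant)")
```

One caveat a practitioner would want: distributions that backport fixes (Red Hat, Debian and their derivatives) ship a patched package whose upstream version does not change, so for those systems the comparison must be made on the distribution's own package version-release string, or by querying the package manager for the advisory ID, rather than on the upstream number.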

36 Windows Update Utility in Vista (screenshot)

37 Patch Management: Windows Server Update Services (screenshot)

38 Group Policies
– Group policy: centrally managed configuration settings applied to users and computers in an Active Directory domain.
– Group policy object (GPO): the container that holds a set of those settings and is linked to sites, domains, or organizational units.
– Globally unique identifier (GUID): each GPO is identified by a GUID.
Group policy capabilities introduced with Windows Vista and Windows Server 2008:
– Network location awareness
– Ability to process without ICMP
– VPN compatibility
– Power management
– Device access blocking
– Location-based printing

39 Group Policy Object Editor (screenshot)

40 Security Templates
A security template is a collection of security settings that can be applied to a system. Templates configure the following areas:
– Account policies
– Event log settings
– File permissions
– Registry permissions
– Restricted groups
– System services
– User rights
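Security templates are stored as .inf files with sections such as [System Access] and [Event Audit], which makes them easy to check against a baseline before they are applied. The script below is an added example, not from the textbook or from Microsoft, that parses a constructed template excerpt (the values in it are deliberately weak; a real template also carries [Registry Values], [Privilege Rights] and other sections) and reports each account-policy or audit setting that falls short of an assumed local policy. The REQUIREMENTS thresholds are illustrative, not a published benchmark.

```python
import configparser

# Constructed security-template excerpt in secedit .inf format (assumption: illustrative values).
TEMPLATE_INF = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 1
MaximumPasswordAge = 90
MinimumPasswordLength = 6
PasswordComplexity = 0
PasswordHistorySize = 5
LockoutBadCount = 0
EnableGuestAccount = 1
[Event Audit]
AuditLogonEvents = 3
AuditAccountLogon = 3
[Version]
signature="$CHICAGO$"
Revision=1
"""

# (section, key) -> (comparison, required value). Assumption: a local policy, not a benchmark.
# Audit values: 0 none, 1 success, 2 failure, 3 success and failure.
REQUIREMENTS = {
    ("System Access", "MinimumPasswordLength"): ("ge", 12),
    ("System Access", "PasswordHistorySize"): ("ge", 24),
    ("System Access", "MaximumPasswordAge"): ("le", 90),
    ("System Access", "PasswordComplexity"): ("eq", 1),
    ("System Access", "LockoutBadCount"): ("between", (1, 10)),  # 0 disables lockout
    ("System Access", "EnableGuestAccount"): ("eq", 0),
    ("Event Audit", "AuditLogonEvents"): ("eq", 3),
}


def parse_template(text: str) -> dict:
    """Parse the .inf into {section: {key: value}}; key case is preserved."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.optionxform = str  # do not lower-case keys like MinimumPasswordLength
    cp.read_string(text)
    return {section: dict(cp[section]) for section in cp.sections()}


def check_template(sections: dict) -> list:
    """Return one finding per requirement the template fails or does not set."""
    findings = []
    for (section, key), (op, want) in REQUIREMENTS.items():
        raw = sections.get(section, {}).get(key)
        if raw is None:
            findings.append(f"{section}/{key}: not set")
            continue
        value = int(raw)
        if op == "ge":
            ok = value >= want
        elif op == "le":
            ok = value <= want
        elif op == "eq":
            ok = value == want
        else:  # "between"
            ok = want[0] <= value <= want[1]
        if not ok:
            findings.append(f"{section}/{key}: is {value}, policy requires {op} {want}")
    return findings


if __name__ == "__main__":
    for finding in check_template(parse_template(TEMPLATE_INF)):
        print("FAIL", finding)
```

The same parser can be pointed at a system's current policy rather than a template: secedit /export /cfg <file> writes the effective settings in this format (as UTF-16 text, so open it with that encoding), which turns the check into a drift audit of the account-policy part of a host's baseline.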

41 The MMC with Security Templates Snap-in (screenshot)

42 Chapter Summary
– Harden operating systems and network operating systems.
– Harden applications.
– Establish group policies.

