Documents

Block 2(1)

Description
Description:
Categories
Published
of 62
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Related Documents
Share
Transcript
  Information Security and Risk Management 64  Amity Directorate of Distance and Online Education Notes Unit 2: Computer Security Structure: 2.1 Hardening (Computing)2.1.1 Operating System2.1.2 Application Code2.2 File System Security2.2.1 File2.2.2 File Structure2.2.3 File Type2.2.4 File Access Mechanisms2.2.5 Operating System Variations for File System Security2.3 Local Security Policy in Windows2.3.1 Opening Local Security Policy Console in Windows2.3.2 Defining a Password Policy in Windows2.3.3 Defining an Account Lockout Policy2.3.4 Defining an Audit Policy2.3.5 Setting Basic Security Options2.3.6 Applying Changed Settings in Local Security Policy2.4 Default Accounts2.4.1 Removing Unnecessary Default User Accounts2.5 Network Activity2.6 Malicious Code2.6.1 Malicious Code in Java2.6.2 Malicious Code Threatens Enterprise Security2.6.3 How to Avoid Malicious Code?2.6.4 Test for Malicious Code with Vera Code2.7 Firewall2.7.1 Introduction2.7.2 Firewall Logic2.7.3 Firewall Rules2.7.4 Types of Firewall2.7.5 Understanding Packet-filtering Firewalls2.7.6 Understanding Application/Proxy Firewalls2.7.7 Understanding Reverse Proxy Firewalls2.8 Fault Tolerant System2.8.1 Faults2.8.2 Approaches to Faults2.8.3 Achieving Fault Tolerance2.8.4 Levels of Availability2.8.5 Active Replication2.8.6 Primary Backup (Active Standby) Approach  Computer Security 65   Amity Directorate of Distance and Online Education Notes 2.8.7 Agreement in Faulty Systems2.8.8 Examples of Fault Tolerance2.9 Backup2.9.1 Storage: The Base of a Backup System2.9.2 Managing the Data Repository2.9.3 Selection and Extraction of Data2.9.4 Files2.9.5 File Systems2.9.6 Live Data2.9.7 Limitations2.10 Uninterruptible Power Supply (UPS)2.10.1 Common Power Problems2.10.2 Technologies2.10.3 Online/Double-conversion UPS2.10.4 Other Designs2.11 Summary2.12 Check Your Progress2.13 Questions and Exercises2.14 Key Terms2.15 Check Your Progress: Answers2.16 Case Study2.17 Further Readings Objectives  After studying this unit, you should be able to understand:   Local security policies   Firewall   File System Security   Backup and UPS   Default Account   A case study based on this unitComputer Security is the protection of computing systems and the data that theystore or access. Why is Computer Security Important? Computer Security allows the University to carry out its mission by:   Enabling people to carry out their jobs, education, and research   Supporting critical business process   Protecting personal and sensitive informationGood Security Standards follow the “90/10” Rule:   10% of security safeguards are technical.   90% of security safeguards rely on the computer user (“YOU”) to adhere togood computing practices.  Information Security and Risk Management 66   Amity Directorate of Distance and Online Education Notes  Example:  The lock on the door is the 10%. You remembering to lock the lock,checking to see if the door is closed, ensuring others do not prop the door open, keepingcontrol of the keys, etc. is the 90%. You need both parts for effective security. 2.1 Hardening (Computing) In computing,  hardening  is usually the process of securing a system by reducing itssurface of vulnerability. A system has a larger vulnerability surface the more functions itfulfills; in principle, a single-function system is more secure than a multipurpose one.Reducing available vectors of attack typically includes the removal of unnecessarysoftware, unnecessary usernames or logins and the disabling or removal of unnecessaryservices. Making a user’s computer more secure. It ensures that the latest patches to operating systems , web browsers and other vulnerable applications are automaticallyapplied. It may also include the disabling of file sharing as well as establishing loginpasswords.Bullet-proof network operating systems does not exist, but there are somecommon-sense steps that IT managers can take to make the NOS a less-attractive targetfor mischief-makers (and worse).   Identify and remove unused applications and services. The fewer componentsintruders can get their hands on, the better off your networks will be.   Implement and enforce strong password policies. Remove or disable allunnecessary accounts. This includes immediately removing accounts whenworkers leave the company.   Limit the number of administrator accounts available, and make sure users andIT staff have only the privileges they need to do their jobs.   Set account lockout policies to discourage password cracking.   Remove unused file shares.   Keep an eye out for new security patches and hot fixes.   Log all user account and administrative task transactions. This is an extremelyimportant step for forensics if your network OS does get hacked.   Beware of “social engineering” tactics. Make sure that no one gives outimportant security information such as administrator passwords without gettingapproval from managers.   Keep asecure backupsolutionhandyto restore allsystemsincase ofemergency. 2.1.1 Operating System  An operating system (OS) is a collection of software that manages computer hardware resources and provides common services for computer programs. Theoperating system is a vital component of the system software in a computer system.In technical terms, it is a software which manages hardware. An operating systemcontrols the allocation of resources and services such as memory, processors, devicesand information. Definition  An operating system is a program that acts as an interface between the user and thecomputer hardware and controls the execution of all kinds of programs.  Computer Security 67   Amity Directorate of Distance and Online Education Notes Following are some of important functions of an operating system.   Memory Management   Processor Management   Device Management   File Management   Security   Control over System Performance   Job Accounting   Error Detecting Aids   Coordination between Other Software and Users Memory Management  Memory management refers to management of Primary Memory or Main Memory.Main memory is a large array of words or bytes where each word or byte has its ownaddress.Main memory provides a fast storage that can be accessed directly by the CPU. So,for a program to be executed, it must be in the main memory. Operating System does thefollowing activities for memory management.   Keeps tracks of primary memory, i.e., what part of it are in use by whom andwhat part are not in use.   In multiprogramming, OS decides which process will get memory when andhow much.   Allocates the memory when the process requests it to do so.   De-allocates the memory when the process no longer needs it or has beenterminated. SoftwareHardwareSystemSoftwaresApplicationSoftwaresOperating SystemCPU RAM I/OUser 1 User 2 User n
Search
Tags
Related Search
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks
SAVE OUR EARTH

We need your sign to support Project to invent "SMART AND CONTROLLABLE REFLECTIVE BALLOONS" to cover the Sun and Save Our Earth.

More details...

Sign Now!

We are very appreciated for your Prompt Action!

x