5.7. Exam Essentials


Be able to describe the process of hardening an operating system

Make sure all the products used in a network are kept up to date with the most current release. Apply service packs and security updates on a regular basis.


Be able to identify the capabilities of the various filesystems used

Different filesystems have different security capabilities. The least secure is FAT, which provides only share-level and user-level security. Most of the truly networked filesystems provide access down to the individual file or directory level. The method used by Unix allows each individual file to have Read, Write, or Execute permissions for security. The filesystem can be configured when the system is installed. Unix filesystems are considered the most secure for commercial applications.


Know the types of updates used in systems

The three common methods for updating are hotfixes, service packs, and patches. Hotfixes are usually applied to a system in real time in order to continue operations until a permanent fix can be made. Service packs are groups of updates for a system or application. Service packs typically replace entire programs. Patches are made to systems to solve a problem or to bypass a particular malfunctioning system.


Be able to discuss the methods of turning off unneeded protocols and services

In the Unix environment, a script file for protocols and services is run at startup. Commenting out protocols that aren't needed is the primary method used to turn off protocols in Unix. In the Windows environment, the Services manager is one of the primary methods (along with policies) used to disable a service.
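The comment-out method described above, as an added example that is not taken from the book: it assumes the startup file uses an inetd.conf-style layout (the text does not name the file), and the sample entries and function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in inetd.conf layout (assumption: the page names no file).
sample_conf() {
cat <<'EOF'
# service socket proto wait   user   server               args
ftp     stream  tcp  nowait  root   /usr/sbin/in.ftpd     in.ftpd
telnet  stream  tcp  nowait  root   /usr/sbin/in.telnetd  in.telnetd
#finger stream  tcp  nowait  nobody /usr/sbin/in.fingerd  in.fingerd
ssh     stream  tcp  nowait  root   /usr/sbin/sshd        sshd -i
tftp    dgram   udp  wait    root   /usr/sbin/in.tftpd    in.tftpd
EOF
}

# list_enabled: read a config on stdin and print the service name of every
# entry that is neither commented out nor blank.
list_enabled() {
    awk '!/^[ \t]*(#|$)/ { print $1 }'
}

# disable_unneeded ALLOWLIST: read a config on stdin and comment out every
# active entry whose service name is not in the space-separated ALLOWLIST.
# Comments, blank lines and allowed services pass through unchanged.
disable_unneeded() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) keep[a[i]] = 1 }
        /^[ \t]*(#|$)/ { print; next }    # already a comment or blank line
        ($1 in keep)   { print; next }    # needed service stays active
                       { print "#" $0 }   # everything else is disabled
    '
}

# Harden the sample, keeping only ssh (the allowlist is an assumption).
hardened() { sample_conf | disable_unneeded "ssh"; }

echo "enabled before:" $(sample_conf | list_enabled)
echo "enabled after: " $(hardened | list_enabled)
```

On a real host the edited file takes effect only after the daemon re-reads it, for inetd on restart or on receipt of SIGHUP.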


Know how ACLs work

Access control lists (ACLs) are used to identify systems and specify which users, protocols, or services are allowed. ACL-based systems can be used to prevent unauthorized users from accessing vulnerable services.


Be able to discuss the weaknesses and vulnerabilities of the various applications that run on a network

Web, e-mail, and other services present unique security challenges that must be considered. Turn off services that aren't needed. Make sure applications are kept up to date with security and bug fixes. Implement these services in a secure manner, as the manufacturer intended; this is the best method for securing applications.


Be able to identify the purpose and common protocols used for directory services

The most commonly implemented directory service is LDAP. LDAP allows users to globally publish information that they want others to know. This process is done using an LDAP server or service. Other directory services are DNS, AD, eDirectory, and X.500. Most directory services are implemented in a hierarchical manner that allows objects to be uniquely identified.
