Guide to Operating Systems Security
0-619-16040-3
Guide to Operating Systems Security
Chapter 11 Solutions
Answers to the Chapter 11 Review Questions
1.
You are consulting for a small company that has one server, containing one large disk of information.
The company wants to establish some type of fault tolerance through implementing RAID and is
willing to purchase extra disk drives, if necessary. Which of the following options make the most sense
for this company?
Answer: b. RAID level 1
2.
A bank uses NetWare servers for databases housing information about customer accounts, including
account activity. Which of the following do you recommend that the bank should use to ensure that
database information remains synchronized even when there is a system crash?
Answer: d. the Transaction Tracking System
3.
Last night’s Windows Server 2003 backups were successful, but it is nearly noon today and you have
detected that a hard drive is displaying multiple severe errors. You decide to make an unscheduled
backup of today’s work before you take down the computer to fix the drive. When type of backup is
most appropriate in this situation?
Answer: d. daily
4.
What are the advantages of using a tape rotation scheme? (Choose all that apply.)
Answer: a. and c.
5.
Your company is considering the use of clustering for servers used by the marketing department. The
marketing vice president wants to use an arrangement in which all data is stored on a single tower of
tape drives. Is this possible through clustering?
Answer: a. It is possible by using the shared disk model of clustering.
6.
Your NetWare 6.5 server seems to have intermittent problems with its connection to the network. It
has a very new model NIC which you suspect is the cause of the problems. The NIC is not sending out
excessive traffic; it just seems to have the connection problems. Which of the following might you do
first?
Answer: b. Check the NIC manufacturer’s Web site to see if there are any reported problems with
this NIC and if there is a new driver.
7.
You are planning to purchase a UPS for a Red Hat Linux server used in an accounting office. The
office frequently experiences brown outs and power outages because there are electrical wiring
problems in the building. What should you look for in the UPS that you purchase? (Choose all that
apply.)
Answer: b., c., and d.
8.
Which of the following are functions provided by a NIC? (Choose all that apply.)
Answer: a. and b.
9.
Your client’s server has two disk drives connected to two separate controller cards. One disk drive is
used as a backup and contains an exact image of the contents of the main drive. This is called
__________________________.
Answer: a. disk duplexing
10. Windows 2000 Server supports which of the following RAID levels? (Choose all that apply.)
Answer: a. and c.
1
© 2004 Course Technology and Michael Palmer. All rights reserved.
Guide to Operating Systems Security
0-619-16040-3
11. You have a new system programmer who is helping to set up a server on a UPS. He is connecting the
CPU, monitor, laser printer, and a scanner to the UPS. What is your response?
Answer: b. to unplug the laser printer and scanner and plug both of these into a regular electrical
outlet.
12. Your organization has purchased a four-processor computer for you to use as a program development
system. They have also purchased Windows XP Professional for you to install on the computer. The
Windows XP Professional installation will not complete. What is the problem?
Answer: d. Windows XP Professional does not support a four-processor computer.
13. What is the main benefit of disk striping?
Answer: c. It can extend the life of a disk.
14. Which of the following are examples of options that can be configured with a UPS that is connected to
a computer via a USB or serial connection? (Choose all that apply.)
Answer: a. and b.
15. How many disks are needed to configure RAID level 5 in Windows Server 2003?
Answer: c. three
16. Your customer service organization uses software RAID level 5 employing five disks. A power supply
problem in the unit housing the disks has caused three of the disks to fail. What actions do you take in
this situation?
Answer: d. Replace the failed disks and perform a full restore from your backup tapes.
17. A NIC uses which of the following to encapsulate source and address information prior to sending a
packet? (Choose all that apply.)
Answer: c. and d.
18. You are setting up RAID level 5 on eight disks. What percentage of the disk space is needed for
redundancy (rather than actual data storage)?
Answer: a. One-eighth
19. Your company is considering using software RAID options in Windows Server 2003, but the IT
director is concerned because he says the company cannot place boot and system files on the RAID
drives if RAID level 5 is used. What solution do you recommend?
Answer: c. Use hardware RAID, which does not have this limitation
20. You are using a combination of full backups on Friday nights and incremental backups Saturday
through Thursday (including Sunday night). On Tuesday the series of disks you are backing up must
be completely replaced because of damage caused by a virus that cannot be completely extricated.
Which backup tapes will you need to use to completely restore your data?
Answer: d. the Friday, Saturday, Sunday, and Monday night tapes
2
© 2004 Course Technology and Michael Palmer. All rights reserved.
Guide to Operating Systems Security
0-619-16040-3
Hands-On Projects Tips and Solutions for Chapter 11
Project 11-1
In this project, students learn how to configure the Uninterruptible Power Supply service on Windows
operating systems so that it is started and set to start automatically.
In Step 6, students should report whether or not the service is started.
Project 11-2
In this project, students learn from where to set up communications with a UPS in Windows
2000/XP/2003. Note that on some systems such as some portables and desktop computers, the UPS tab
may not be displayed and the system relies on an installation CD-ROM or PnP detection to configure
communications.
In Step 3, students should notice that they can specify the UPS vendor in the Select manufacture box.
Also, they should notice example manufacturers, such as American Power Conversion.
In Step 5, the On port box enables you to specify the COM or USB port.
In Step 7, the options that can be configured include:
 How to send out notifications of a power failure
 When to sound a critical alarm that the UPS is about out of power
 The ability to run a program just before the UPS is out of power
 Whether or not you want the computer and UPS to shut down just before the UPS is out of
power
Project 11-3
Students learn how to configure NetWare UPS communications in this project. It is not necessary to
have a UPS attached to the computer for the project.
In Step 3, the message that verifies the load command should be: Loading Module AIOCOMX.NLM.
In Step 4, students should report that they are loading the UPS_AIO NLM so that it will shut down the
operating system after nine minutes have passed continuously without external power and a warning
message will be sent to users after seven minutes without power.
3
© 2004 Course Technology and Michael Palmer. All rights reserved.
Guide to Operating Systems Security
0-619-16040-3
Project 11-4
In this project, students practice taking a normal backup of a disk drive in Windows 200/XP/2003 (or if
they only have a CD-R, CD-RW, or Zip disk, they can take a backup of a few folders).
In Step 5, to backup only a portion of a drive, such as a folder, double-click the drive and then check
only the folder.
In Step 11, the types of backups that students will see after they press the Advanced button are as
follows:
 Normal
 Copy
 Incremental
 Differential
 Daily
Also in Step 11, the types of options displayed in the Advanced Backup Options dialog box also
include:
 Back up data that is in Remote Storage
 Verify data after backup
 If possible, compress the backup data to save space
 Automatically backup System Protected Files with the System State
 Disable volume shadow copy
Consider using this assignment as an opportunity to have a discussion with your students about
different backup techniques that are used in different organizations. You might also illustrate tape
rotation techniques, such as the Tower of Hanoi. One possibility for an extra assignment is to have
students visit a small company or firm and prepare a recommendation for regular backups.
Project 11-5
In this project, students use the tar command to back up the /etc and the /usr/home directories.
Students can practice using disk space on the computer or using a tape drive if one is available on the
computer.
Project 11-6
Students practice starting a backup in NetWare in this project. Before they start, smsstart, TSA600,
TSANDS, and sbcon should already be loaded. Also, students will need a remote computer running
Windows 2000/XP that can log onto the NetWare server.
In Step 19, the Full backup type is selected by default.
Project 11-7
In this project, students view the man (manual) documentation for the dump command in Mac OS X.
In Step 6, the circumstances that might require operator intervention include:
 End of tape
 End of dump
 Tape write error
 Tape open error
 Disk read error
4
© 2004 Course Technology and Michael Palmer. All rights reserved.
Guide to Operating Systems Security
0-619-16040-3
Solutions to the Case Project Assignments
Marian City Credit Union provides banking and financial services for city employees. The credit union has
over 5000 customers. It offers customers checking and savings accounts, loans, telephone and Internet
banking, and investment services. The credit union tracks client account information using software on
three Windows 2003 servers, (1) a server that houses the software applications, (2) a server that has the
main database for customer accounts, and (3) a server that contains a subset of the main database, along
with a wide range of reports used by management, the controller, and the local and federal auditors.
Marian City Credit Union also has a NetWare 6.0 server used to process local loans and coordinate larger
loans with a national credit union association that provides funding for home mortgages. The NetWare 6.0
server is also used to handle investment banking services. Internet banking is a rapidly growing service for
the credit union and is handled by a Red Hat Linux 9.0 server. The credit union staff use Windows XP
Professional on their desktops, with the exception of the small marketing group that uses Mac OS X.
Marion City Credit Union has just lost three of its four-person IT staff and hires you through Aspen IT
Services to help them address specific disaster recovery concerns raised by both the management and the
auditors.
Case Project 11-1: Deploying UPS Systems
Marion City Credit Union currently has two small offline UPS systems, one to protect the Windows Server
2003 database server and one to protect the NetWare 6.0 server. The auditors have recommended that the
credit union protect all of the servers with UPS systems and that they upgrade the two aging offline UPSs.
Before taking action on this recommendation, the credit union management asks you to prepare a report
that:
 Describes the types of UPS systems available
 Recommends what types of UPS systems and features to use with the servers
Answer:
The auditors are right to recommend that these UPS systems be upgraded.
In their reports, students should describe online and offline UPS systems. An online UPS provides power
from its batteries, so there is not even a slight interruption in power when the main power line goes down.
An offline UPS does not switch to battery power unless there is a power problem, which means that a
computer may still go down or experience wear on electrical parts because of main power problems.
Besides these differences, students should note that UPS systems provide power conditioning and
regulation to protect against power surges, sages, and dirty power. Some UPS systems come with serial or
USB connections to communicate with the computer, such as to warn the computer that the main power has
gone down.
All of the servers should be on one or multiple online UPS systems. If one UPS system is used, it is
important to make sure that the UPS system can handle the entire load, if there is a power failure. Large
UPS systems also may require more maintenance than smaller UPSs. Further, the credit union should
strongly consider purchasing UPS systems that can communicate with the servers.
5
© 2004 Course Technology and Michael Palmer. All rights reserved.
Guide to Operating Systems Security
0-619-16040-3
Case Project 11-2: Security through Hardware Redundancy
In addition to addressing the auditors' concerns about UPS systems, the credit union management wants to
consider ways to ensure continuous operations of key servers. They ask you to prepare a short report that
recommends hardware redundancy measures for the following servers:
 Windows 2003 server used for software applications
 Windows 2003 database server
 NetWare 6.0 loan and investment banking server
 Red Hat Linux 9.0 Internet banking server
Answer:
Hardware redundancy can be achieved through:
 Using redundant components, such as extra NICs and power supplies in a computer.
 Using SMP systems for redundant processors
 Clustering computers
 RAID
Sample redundancy recommendations that students might make include:
 For the Windows 2003 server used for software applications: redundant NICs and a redundant
power supply. The server might also be an SMP computer, if the need for redundancy and
processing power warrant it. The server might also have RAID.
 For the Windows 2003 database server: redundant NICs and a redundant power supply. For better
performance and redundancy, the server might also be an SMP computer. This server ought to
have some form of RAID.
 For the NetWare 6.0 loan and investment banking server: redundant NICs and a redundant power
supply. The need for SMP computing and RAID would depend on the assessment of how critical
uptime is from moment to moment during business hours.
 For the Red Hat Linux 9.0 Internet banking server: redundant NICs and a redundant power supply.
If this is a busy server, SMP computing may be important. Also, because Internet banking is done
around the clock, this server should have some form of RAID.
6
© 2004 Course Technology and Michael Palmer. All rights reserved.
Guide to Operating Systems Security
0-619-16040-3
Case Project 11-3: Deploying RAID
The tellers at the credit union rely heavily on the Windows 2003 applications and database servers.
Currently neither server has RAID installed. The auditors consider providing RAID to be a high priority.
Create a report for the credit union management that describes the types of RAID available for Windows
Server 2003 and that recommends which forms of RAID to use for these servers.
Answer:
Windows Server 2003 supports the following forms of RAID:
 RAID level 0: This level is disk striping only, which can help extend the disk life and provide better
performance. One advantage of this level of RAID is that data access is relatively fast. A disadvantage
is that if one drive in the set fails, access to all drives and data fails.
 RAID level 1: This level includes disk mirroring and disk duplexing. Read access is typically faster
than write access. For each disk there is another backup disk that contains a mirror or shadow image of
the data.
 RAID level 5: This level combines disk striping, error correction, and checksum verification. Level 5
spreads error correction and checksum data over all of the disks, so there is no single point of failure.
One disk can fail transparently, but failure of two disks at the same time generally means data will
need to be restored after replacing the disks.
Students might recommend RAID levels 1 or 5 for either server. In part, the recommendations can be made
on the number of disk drives used in the servers. If all information is on one drive, then disk
mirroring/duplexing is a good choice. If there are multiple drives on the servers, then RAID level 5 is likely
to be a better choice in terms of cost. Another factor is downtime. If a RAID level 1 drive fails, it is
necessary to take down the server and bring it up activating the mirrored/duplexed drive. When a drive fails
in RAID 5, this typically is transparent to users, so they can continue with their work.
Case Project 11-4: Solving a Problem for Marketing
One of the marketing staff was working on a new brochure when the disk drive in her Mac OS X system
failed. The brochure is intended as the first step in a new marketing drive. The staff member did not have
the brochure backed up and so has lost a week of work on the project, which will also delay the marketing
drive. The credit union management asks you to submit recommendations about how to prevent this from
happening in the future.
Answer:
The most basic preventative step is to provide users with CD-R/RW drives (or another backup medium) so
that they can regularly back up important work. The next step would be to train the users about taking
regular backups.
Students should also note that Mac OS X supports RAID levels 0 and 1. An option for the Mac OS X users
in marketing is to provide them with RAID level 1 for disk mirroring. However, no matter what version of
RAID is used, it is still important to take regular backups.
7
© 2004 Course Technology and Michael Palmer. All rights reserved.
Guide to Operating Systems Security
0-619-16040-3
Case Project 11-5: A Backup Scheme for Windows Server 2003 and NetWare
Currently, normal backups are taken every third night on the Windows 2003 servers and on the NetWare
server 6.0. There is one set of tapes used for each server, with both sets stored near the servers. The
auditors recommend nightly backups for both servers. Before changing the backup scheme, the credit union
management would like a report from you that addresses:
 The types of backups available in Windows Server 2003
 The types of backups available in NetWare 6.0
 Your recommendations about how to change the backup procedures
Answer:
Taking backups every third night is certainly not adequate for a credit union and the auditors are right to
ask for a revised approach.
The types of backups available in Windows Server 2003 are:
 Normal: which backs up all data regardless of when it was last modified
 Incremental: which backs up files that have been modified since the last backup (as indicated by
the archive bit) and the archive bit is removed
 Differential: same as the incremental backup, but the archive bit is not removed
 Copy: backs up only the selected folder and files
 Daily: backs up only files and folders that have changed that day and does not remove the archive
bit
The types of backups available in NetWare are:
 Full: which backs up all data regardless of when it was last modified
 Incremental: which backs up files that have been modified since the last backup (as indicated by
the archive bit) and the archive bit is removed
 Differential: same as the incremental backup, but the archive bit is not removed
The recommendations for changing the backup procedures might include the following:
On the Windows 2003 server, the credit union should perform backups at the end of each business day or
every day. They might use a normal back up each Friday or Saturday night (depending on business hours)
and a differential backup on all other nights. Further, a tape rotation scheme should be developed, such as
the Tower of Hanoi, using at least two tape sets. The tape set not in use should be stored in an off-site vault.
The recommendations are similar for the NetWare server. Backups should be performed at the end of each
business day or each night. A full backup might be used on Friday or Saturday after business. Differential
backups might be used on all other nights. Additionally, a tape rotation scheme should be used, with at least
two tape sets. The tape set not in use should be securely stored off site.
8
© 2004 Course Technology and Michael Palmer. All rights reserved.