Operating System Security Activities

Handouts: Activities

© 2002 ProsoftTraining All Rights Reserved. Version 3.07

Activity 1-1: Reviewing elements and mechanisms found in operating systems

In this activity, you will compare Windows 2000 and Linux to discover how each implements common operating system elements and security mechanisms.

1. Several common operating system elements or security elements are listed in the left column of Table A1-1. Fill in the specific name of the Windows 2000 or Linux operating system element or mechanism that each operating system supplies.

Table A1-1: Operating system elements and security mechanisms

Operating System Element or Security Mechanism | Windows 2000 | Linux
-----------------------------------------------+--------------+-------
User Account Information                       |              |
Authentication Control                         |              |
Access Control                                 |              |
Data Encryption and Integrity                  |              |

In this activity, you have identified how Windows 2000 and Linux implement operating system elements and common security mechanisms.

Activity 2-1: Identifying common operating system security parameters

In this activity, you will review your understanding of various operating system security parameters.

1. Give the common term for the description provided:

• The practice of blocking a user account after repeated logon failure:
  _______________________________________________________________

• Automatically re-enabling an account after it is blocked:
  _______________________________________________________________

• Passwords that use non-standard characters and are at least six characters long:
  _______________________________________________________________

• Remembering previously used passwords so they cannot be reused:
  _______________________________________________________________

In this lab, you have identified commonly-used security parameters. All operating systems contain their own implementations of the above parameters.
As you gain more security experience, you will be able to easily map abstract concepts to actual implementation.

Activity 3-1: Understanding shares and share points

In this activity, you will review the difference between shares and share points.

1. Study the graphic in Figure A3-1.

   C:\            Share = Root
   C:\ACCT        Share = Acct
   C:\HR          Share = HR
   C:\CORP        Share = Corp
   C:\CORP\PUB    Share = Pub
   C:\DATA        Share = Data

   Figure A3-1: Studying shares and share points

This graphic suggests only share-level permissions. No NTFS-level permissions apply. Now, answer the following questions:

2. A user has just connected to the Pub share of your system. Describe why this user cannot access the C:\Corp directory:
   _______________________________________________________________
   _______________________________________________________________
   _______________________________________________________________

3. A user has just connected to the Acct share on the system. What subdirectories will this user be able to access?
   _______________________________________________________________

4. Suppose that a user has accessed the Root share. What other directories, if any, will this user be able to access?
   _______________________________________________________________
   _______________________________________________________________

In this activity, you have differentiated between shares and share points, and have learned about how a share allows access to all subdirectories beneath a share point.

Activity 4-1: Identifying security risks

In this activity, you will review security risks discussed in this chapter.

1. Read the description in the left column of Table A4-1, then provide the relevant network server, service or daemon.

Table A4-1: Describing network, service and daemon security issues

Network Service, Daemon or Server | Security Issue
----------------------------------+----------------------------------------------
                                  | Cleartext transfer of maps
                                  | Possible confusion of usernames and user IDs
                                  | Weak authentication of remote processes
                                  | Susceptibility to keyloggers
                                  | Default shares
                                  | Buffer overflows

In this activity, you identified common problems associated with various services, daemons and servers.

Activity 5-1: Diagramming the SMB/CIFS connection process

In this activity, you will explain how SMB/CIFS systems begin a connection and negotiate a dialect.

1. In the following diagram, provide a step-by-step diagram of the SMB connection process.

In this activity, you have identified the steps of the SMB connection process.