Guide to Operating Systems Security
0-619-16040-3
Guide to Operating Systems Security
Chapter 2 Solutions
Answers to the Chapter 2 Review Questions
1. The Melissa virus was transported by ___________________________.
Answer: c. e-mail
2. Which of the following are used for updates in Windows XP Professional? (Choose all that apply.)
Answer: b. Windows Update
3. A Windows Server 2003 server administrator, whom you know from another firm, is complaining
about a virus that was installed on one of his firm’s servers from a device driver file that the server
administrator downloaded from a freeware Internet site. What steps could that server administrator
have taken to avoid getting a virus in this way? (Choose all that apply.)
Answer: a. both a and c
4. You can use an emergency repair disk in ________________________________.
Answer: a. Windows 2000
5. The ______________________ mode in Mac OS X enables you to view operating system files as they
load.
Answer: d. verbose
6. Which of the following is used by the Linux.Millen.Worm and the Code Red worms? (Choose all that
apply.)
Answer: c. buffer overflow
7. A server operator in your organization is planning to do a quick virus scan of a NetWare server before
releasing the server for daily use, just after completing the overnight backups. She does not have much
time and wants to do a fast virus scan only on executable files. Which of the following files are
examples of executable files she should scan? (Choose all that apply.)
Answer: a., c., and d.
8. Your Red Hat Linux 9.x system will not boot, and you decide to replace the MBR. What mode can you
use to boot the system in order to replace the MBR?
Answer: b. rescue mode
9. An employee in your company obtained a Microsoft Word XP template from a friend in another
company and has distributed that template to other users. You have used a virus scanner on the
template and found that it contains a virus. What should you do next?
Answer: d. Have users disable macros in Word XP
10. Which of the following are steps you can take to protect a system from malicious software? (Choose
all that apply.)
Answer: a., b., c., and d.
11. Which of the following is not true of a service pack from Microsoft?
Answer: a. Only one service pack is issued at a time and there are options in that service pack so
that it can be applied to any Microsoft operating system.
12. On what menu in Windows Server 2003 can you access the Enable Boot Logging option?
Answer: d. Advanced Options menu when you boot the system
© 2004 Course Technology and Michael Palmer. All rights reserved.
13. Which of the following should you look for in a malicious software scanning tool? (Choose all that
apply.)
Answer: a., b., c., and d.
14. Where is the MBR found on a Red Hat Linux system?
Answer: a. boot or partition sector of a hard disk
15. When a virus infects the boot sector of a hard disk, ______________________________.
Answer: b. it is common that disks placed in the floppy drive may become infected, too
16. Well-known vulnerabilities to malicious software exist in which of the following systems? (Choose all
that apply.)
Answer: c. and d.
17. Which of the following is an example of a NetWare 6.x file that may commonly house a virus?
Answer: c. startup.ncf
18. Which of the following is an example of a Mac OS X folder that contains items that are commonly
targeted by a virus?
Answer: b. Startupitems folder
19. Which of the following is an example of a Red Hat Linux file that can be a target of a virus?
Answer: d. inittab
20. The Simpsons AppleScript virus __________________________.
Answer: a. is a Trojan horse sent with an e-mail message
21. As server administrator, you are the backup person for the SQL Server database administrator, who has
informed you that the SQL Administrator account uses the password sa. Is the SQL Server at any risk
with this password?
Answer: c. Yes, because the Digispid.B.Worm targets SQL Server systems that have this
password.
22. How do you check for updates available in Red Hat Linux 9.x?
Answer: b. Click the exclamation point icon in the Panel
23. Which of the following systems use an Automated System Recovery set? (Choose all that apply.)
Answer: c. Windows Server 2003
24. Which Trojan horse alters a system folder in Windows XP?
Answer: d. Backdoor.Egghead
25. A major update in NetWare 6.x is performed through ______________________.
Answer: a. consolidated support packs
Hands-On Projects Tips and Solutions for Chapter 2
Project 2-1
For this project, students use the CERT Coordination Center to learn more about viruses.
In Step 3, at this writing there are 317 matches found for a search on virus.
Project 2-2
This project enables students to practice accessing the Windows registry with the Registry Editor.
In Step 3, the subkeys under HKEY_LOCAL_MACHINE are:
• HARDWARE
• SAM
• SECURITY
• SOFTWARE
• SYSTEM
Project 2-3
In this project, students practice viewing the /etc/inittab file in Red Hat Linux 9.x.
In Step 5, students should note that a new window opens for the Emacs editor, which displays the
contents of the /etc/inittab file.
Remind students not to make any changes to the /etc/inittab file and to exit properly.
Project 2-4
In this activity, students learn how to access the recovery console in Windows 2000 Server or
Windows Server 2003. They will need access to the Windows 2000 Server setup floppy disks or the
Windows 2000 Server or Windows Server 2003 installation CD-ROM.
In Step 4, students should report seeing a character-based screen and a prompt at which to type
command-line commands.
In Step 5, after students type help and press Enter they will see a list of commands that can be used in
the recovery console.
In Step 6, students see an explanation of the fixmbr command, which has an optional parameter to
specify the device.
In Step 7, students see an explanation of the fixboot command.
Project 2-5
This project enables students to access the Red Hat Linux rescue mode.
In Step 2, students should report seeing the boot: __ prompt.
In Step 3, a minimal operating system is loaded from CD-ROM.
In Step 6, there is an option to mount the file systems as read-only, which is accomplished by using the
tab key to select the Read-Only option.
In Step 8, to make the system run in the root environment, students learn that they can enter the
command: chroot /mnt/sysimag
Project 2-6
In this project, students learn how to configure macro security in Microsoft Word XP. In conjunction
with this project, consider holding a class discussion about different ways to educate users about
employing security options that come with software.
In Step 5, high security means that macros are used only for digitally signed documents. In medium
security, macros are disabled by default, but the user can select to disable macros for documents they
believe to be from a trusted source. In low security, macros are enabled.
Project 2-7
This project enables students to use the Automatic Updates Setup Wizard in Windows Server 2003.
In Step 5, the options students should report seeing are:
• Every day
• Every Sunday
• Every Monday
• Every Tuesday
• Every Wednesday
• Every Thursday
• Every Friday
• Every Saturday
Also, students should note that to configure updates to go automatically every Wednesday at 9 p.m.
they would set the day of the week parameter to Every Wednesday and then set the time parameter to 9
p.m.
Project 2-8
In this project students learn how to use the Red Hat Network Alert Notification Tool.
In Step 2, students should record the number of updates available to be installed.
In Step 7, students should notice and record the amount of disk space required for the packages, which
is shown near the bottom of the window.
Project 2-9
This project enables students to learn how to use the Software Update tool in Mac OS X.
In Step 3, the options are:
• Daily
• Weekly
• Monthly
In Step 4, students should report the number of updates already installed.
In Step 6, students should note if any of the updates relate to security. Often they will see security
updates, but not always.
Project 2-10
This project gives students an opportunity to boot into the Safe Mode in Windows 2000, Windows XP
Professional, or Windows Server 2003.
In Step 4, students should report seeing the files that are loaded as the system boots up.
In Step 6, the desktop appears with a black background, no wallpaper, and large print.
Project 2-11
In this project, students boot using the Mac OS X verbose mode. If they have trouble booting into this
mode, make sure that they are holding down the Command and v keys as soon as the system starts
until they begin to see text on the screen.
In Step 2, students should see a black screen and lines of text showing what is being loaded as the
system boots.
Project 2-12
Students use this project to learn how to configure driver signing in Windows 2000, Windows XP
Professional, or Windows Server 2003.
In Step 3, the options students see in Windows XP Professional and Windows Server 2003 (the same
options appear in Windows 2000, but the wording of the explanations for each is slightly different) are:
• Ignore - Install the software anyway and don’t ask for my approval
• Warn - Prompt me each time to choose an action
• Block - Never install unsigned driver software.
Solutions to the Case Project Assignments
Nishida and McCormick is a large law firm that has hired you, through Aspen IT Services, to help with
security and to train their new server and network administrator Jim Vialpondo. The former network
administrator left suddenly and Jim, who was the PC support consultant, has been promoted to this position.
The main office houses 92 users and has two Red Hat Linux 9.0 servers, one Windows Server 2003 file and
print server, a Windows 2000 server used for a Web site, and one NetWare 6.0 server. The firm has a
satellite office 128 miles away from the main office that has 62 users on a Red Hat Linux 9.0 server. The
attorneys and support staff at both locations primarily use Windows XP Professional, but there are also 12
Mac OS X users.
Case Project 2-1: Training the New Server and Network Administrator
The Computing Services Department director asks you to train the new server and network administrator
about malicious software by discussing the ways in which the following can spread in both workstation and
server systems:
• Viruses
• Worms
• Trojan horses
Create a short study paper that the server and network administrator can use as a reference.
Answer:
Some typical ways in which a virus or other malicious software can spread include:
• Boot or partition sector—infects the boot or partition sector of a system, which is at the
beginning of a disk. Sometimes this type of infection continues to spread by infecting floppy
disks that are then taken to other computers.
• File infector—appends to program files, including system files.
• Macro—infects macro files, which are instruction set files often used with word processors,
spreadsheets, and other software. A macro in a template can be infected and continue
infecting all systems using that template or a document using the template.
• Multipartite—infects systems through a combination of ways, such as by using a file infector
and a macro.
Worms may spread using a buffer overflow or by being sent as an e-mail attachment.
Trojan horses spread as e-mail attachments or when users share, via floppy disk, Trojan horse
programs that appear to be harmless.
It is wise to caution users not to run programs that are not from a trusted source.
Case Project 2-2: A Malicious Macro
The administrative assistant to one of the managing partners has brought in a Word XP macro containing a
virus. The macro spread from his home computer to a document on a floppy disk that he was working on at
home and then used at work. What steps should be taken to keep the virus in the macro from spreading to
other areas of the network?
Answer:
Several steps can be taken to prevent the spread of a macro containing a virus. First, the original user
should not share this document with anyone else or let anyone else open it. Nor should the user open the
document, until it is cleaned and verified by a scanner. Also, it is important that the document not be placed
on a server or shared drive. If necessary, the administrative assistant’s computer might be disconnected
from the network, until it is checked. Another step is to destroy the floppy disk containing the document.
A malicious software scanner should be used to find and clean the macro virus from the system of the
original user. This should also be done on the user’s home computer.
Additionally, the use of macros should be disabled in Word XP or set to “high” on all computers in the firm
and on the administrative assistant’s home computer.
Further, the firm should establish clear policies about taking files home and bringing them back to work. If
users need to work at home, the firm might purchase scanning software for those users.
Case Project 2-3: Security Policy Recommendations
One of your assignments from Nishida and McCormick is to work with the new server and network
administrator to develop recommendations for a security policy to address the threat of malicious software.
Create a list of general recommendations that you can use in your first planning meeting with the new
administrator.
Answer:
The general recommendations should parallel those in the text, which are:
• Train users in security techniques.
• Train users about how malicious software works.
• Use a malicious software scanner on floppy disks, CD-Rs, and CD-RWs before using them on
another computer.
• Control the types of media, files, and software brought in from outside the organization.
• Limit the types of software that users can install themselves.
• Create one or more quarantined areas for files from unknown sources.
• Control what files are allowed to be downloaded from off-site locations and if files must be
downloaded, put them in a quarantined location until they are scanned.
• Scan incoming e-mail and attachments.
• Discard e-mail attachments from unknown or untrusted sources.
Case Project 2-4: Updating Operating Systems
Your audit of security reveals that the law firm has been updating the NetWare and Windows servers on a
regular basis, as well as the Windows XP Professional systems, but they have not installed any new patches
on the Red Hat Linux server or on the Mac OS X desktop computers. Create a document for the new
administrator that briefly outlines the steps for performing updates on the Red Hat Linux and Mac OS X
computers.
Answer:
The steps for updating Red Hat Linux 9.0 using the Red Hat Network Alert Notification Tool are generally as
follows:
1. On the Panel near the clock, click the exclamation point icon in the red circle or the two arrows
icon in the green circle.
2. Select the Available Updates tab and note the updates that need to be made.
3. Click the Launch up2date button.
4. Click Forward after the Red Hat Update Agent window starts.
5. Use the default channel selection and click Forward.
6. Click Forward in the Packages Flagged to be Skipped box.
7. Click the Select all Packages box. Make sure you have enough disk space for the update.
8. Click Forward.
9. Click Forward when you see the message, "All Finished. Click Forward to continue."
10. Click Forward.
11. Click Finished.
12. Click Close.
To obtain and install updates in Mac OS X using the Software Update tool:
1. Click the System Preferences icon in the Dock or click the Go menu, click Applications, and
double-click System Preferences.
2. Click Software Update and make sure that the Update Software tab is selected.
3. Ensure that Automatically check for updates when you have a network connection is checked.
Change the schedule for updates, if desired.
4. Click the Installed Updates tab, if you want to view updates that have already been made.
5. Click the Update Software tab.
6. Click the Check Now button to access the Apple web site and check for updates.
7. Click the Install button.
8. Enter your account name and password and press Return. The download and installation may take
several minutes. When it is finished you will see the message: Status finished.
9. Restart the system, if requested.
Case Project 2-5: Protecting the Windows XP Professional Systems
Your security audit also shows that Windows XP Professional users are not backing up important system
files through creating periodic ASR sets. Create a “how to” document for the users explaining the
importance of an ASR set and how to create this system backup.
Answer:
Users will need a blank floppy disk and a CD-R, CD-RW, or tape for the backup. With these available, the
following steps outline how to create an ASR set:
1. Click Start, point to Accessories, point to System Tools, and click Backup.
2. When the Backup or Restore Wizard starts, click the Advanced Mode link.
3. Click the Automated System Recovery Wizard button.
4. Click Next when the Automated System Recovery Preparation Wizard starts.
5. Change the path for the default file name to the CD-R or tape drive you are using. Insert the CD-R, CD-RW, or tape.
6. Click Next.
7. Click Finish to write the backup files to the CD-R, CD-RW, or tape.
8. Notice the Automated System Recovery information box and then the Backup Progress dialog box
as the files are being copied.
9. When requested, insert a blank formatted floppy disk and click OK.
10. Remove the floppy disk and CD-R, CD-RW, or tape, and click OK.
11. Close the Backup Progress dialog box and the Backup Utility window.