Operating systems (OS): Windows & OS hardening
- OS is a vital component of any computing system: it manages the computer's hardware resources and provides services to competing programs
- OS is a set of programs that operates the resources of the computer hardware and performs basic computer program services
- Critical part of the computer system
- Application systems typically require a functional operating system
- e.g. Microsoft Windows 10, Linux, Unix, Apple Mac OS
- OS security: a process of ensuring OS integrity, confidentiality and availability
  - Includes all precautionary control techniques that help protect any computer resources that might be taken away/ rewritten/ removed if the safety of the OS is breached
- Why we need it: most modern systems are globally accessible through an internet connection -> very few stand-alone computer system environments
  - Creates a lot of security risks & allows malicious attackers to exploit security loopholes
- OS protection: various measures/ procedures often used to protect the OS from intruders/ attacks
- Key components of a secure OS:
  - Kernel: executes the services at the lowest level
  - Security kernel: manages all of the OS's security processes
  - Reference monitor: component of the security kernel that manages access to the device
  - Trusted computing base (TCB): has everything needed to enforce the security policies of the OS (Security kernel + Reference monitor)
- Security Reference Monitor (SRM): element of kernel mode that executes access checks
  - Sets audit log entries & manipulates privileges
  - Performs every permission check
- Local Security Authority (LSA): executes Windows local security policies
  - & issues users' authentication tokens as they sign into the network
  - Includes authentication policy & privileged parameters
- Security Account Manager (SAM): a database that stores user credentials & related sensitive data about individual users & local groups
  - When a user signs in on the local computer -> their account details are required & checked against the SAM
- Active Directory: critical component of how Windows manages and operates
  - Effective both for handling cloud workflows & for monitoring in-house network identity & encryption control
- WinLogon & NetLogon
  - WinLogon: manages local interactive logins
  - NetLogon: manages network-wide logins
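As an added illustration (not from the notes), a small Python model of the reference-monitor idea behind the SRM described above: every access passes through one check, each decision is written to an audit log, and a privilege can override the ACL for the right it covers. The object, principal and privilege names and the ACL contents are constructed for the example.

```python
from dataclasses import dataclass

# Toy reference monitor modelled on the notes' description of the SRM: one
# choke point (access_check) mediates every access, consults the object's ACL,
# lets a privilege override the ACL, and audits each decision. Names are constructed.

@dataclass(frozen=True)
class Token:
    user: str
    groups: frozenset
    privileges: frozenset   # constructed privilege names, e.g. "BackupPrivilege"

@dataclass
class SecuredObject:
    name: str
    acl: dict               # principal -> set of rights ("read", "write"); default deny

class ReferenceMonitor:
    def __init__(self):
        self.audit_log = []   # (user, object, right, allowed, reason)

    def access_check(self, token, obj, right):
        principals = {token.user} | token.groups
        granted = set()
        for p in principals:
            granted |= obj.acl.get(p, set())
        allowed, reason = right in granted, "acl"
        # A privilege overrides the discretionary ACL, but only for the
        # right it covers (here: read access for a backup-style privilege).
        if not allowed and right == "read" and "BackupPrivilege" in token.privileges:
            allowed, reason = True, "privilege"
        self.audit_log.append((token.user, obj.name, right, allowed, reason))
        return allowed

def demo():
    rm = ReferenceMonitor()
    alice = Token("alice", frozenset({"Users"}), frozenset())
    svc = Token("svc_backup", frozenset(), frozenset({"BackupPrivilege"}))
    # Constructed object: only SYSTEM is listed, so everyone else is denied.
    sam_db = SecuredObject("SAM", {"SYSTEM": {"read", "write"}})
    results = [
        rm.access_check(alice, sam_db, "read"),   # denied: no ACL entry
        rm.access_check(svc, sam_db, "read"),     # allowed via privilege
        rm.access_check(svc, sam_db, "write"),    # denied: privilege covers read only
    ]
    return results, rm.audit_log

if __name__ == "__main__":
    for entry in demo()[1]:
        print(entry)
```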
- Client-side vulnerabilities in the OS
  - Primarily in Windows