Ch04 - Security Baselines - Security Baselines Chapter 4...

Chapter 4: Security Baselines
Security+ Guide to Network Security Fundamentals, Second Edition

2 Objectives
- Disable nonessential systems
- Harden operating systems
- Harden applications
- Harden networks

3 Disabling Nonessential Systems
- The first step in establishing a defense against computer attacks is to turn off all nonessential systems
- The background program waits in the computer's random access memory (RAM) until the user presses a specific combination of keys (a hot key), such as Ctrl+Shift+P
- Then, the idling program springs to life
- Early terminate-and-stay-resident (TSR) programs performed functions such as displaying an instant calculator, small notepad, or address book
- In Microsoft Windows, a background program, such as Svchost.exe, is called a process

4 Disabling Nonessential Systems (cont)
- The process provides a service to the operating system indicated by the service name, such as AppMgmt
- Users can view the display name of a service, which gives a detailed description, such as Application Management
- A single process can provide multiple services
- A service can be set to one of the following modes:
  - Automatic
  - Manual
  - Disabled
- Besides preventing attackers from attaching malicious code to services, disabling nonessential

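Added example (not from the original slides or the textbook): a PowerShell sketch that compares each service's start mode against a baseline and lists processes that host more than one service. The baseline values, the sample objects and the names ExampleSvc and OtherSvc are constructed assumptions; Get-CimInstance and the Win32_Service class are standard Windows components.

```powershell
# Constructed baseline: service name -> expected start mode (illustrative only).
$Baseline = @{ 'AppMgmt' = 'Manual'; 'ExampleSvc' = 'Disabled' }

# Constructed sample data so the script runs offline; omit -Services to query the live system.
$Sample = @(
    [pscustomobject]@{ Name = 'AppMgmt';    DisplayName = 'Application Management'; StartMode = 'Auto';     ProcessId = 1184 }
    [pscustomobject]@{ Name = 'ExampleSvc'; DisplayName = 'Example Service';        StartMode = 'Auto';     ProcessId = 1184 }
    [pscustomobject]@{ Name = 'OtherSvc';   DisplayName = 'Other Service';          StartMode = 'Disabled'; ProcessId = 0 }
)

function Get-ServiceBaselineDrift {
    param(
        [Parameter(Mandatory)] [hashtable] $Baseline,
        [object[]] $Services = (Get-CimInstance -ClassName Win32_Service)
    )
    foreach ($svc in $Services) {
        # Services absent from the baseline are not judged here.
        if (-not $Baseline.ContainsKey($svc.Name)) { continue }
        # Win32_Service reports 'Auto' for the Automatic mode.
        $actual = if ($svc.StartMode -eq 'Auto') { 'Automatic' } else { $svc.StartMode }
        if ($actual -ne $Baseline[$svc.Name]) {
            [pscustomobject]@{
                ServiceName = $svc.Name
                DisplayName = $svc.DisplayName
                Expected    = $Baseline[$svc.Name]
                Actual      = $actual
            }
        }
    }
}

function Get-SharedServiceHost {
    param([object[]] $Services = (Get-CimInstance -ClassName Win32_Service))
    # ProcessId 0 means the service is not running, so it has no host process.
    $Services |
        Where-Object { $_.ProcessId -ne 0 } |
        Group-Object -Property ProcessId |
        Where-Object { $_.Count -gt 1 } |
        ForEach-Object {
            [pscustomobject]@{ ProcessId = $_.Name; Services = ($_.Group.Name -join ', ') }
        }
}

Get-ServiceBaselineDrift -Baseline $Baseline -Services $Sample   # both baseline entries drift to Automatic
Get-SharedServiceHost -Services $Sample                          # PID 1184 hosts AppMgmt and ExampleSvc
```
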
5 Disabling Nonessential Systems (cont)
6 Disabling Nonessential Systems (cont)
7 Disabling Nonessential Systems (cont)
- The User Datagram Protocol (UDP) provides for a connectionless TCP/IP transfer
- TCP and UDP are based on port numbers
- Socket: combination of an IP address and a port number
- The IP address is separated from the port number by a colon, as in 198.146.118.20:80

8 Disabling Nonessential Systems (cont)
9 Hardening Operating Systems
- Hardening: process of reducing vulnerabilities
- A hardened system is configured and updated to protect against attacks
- Three broad categories of items should be hardened:
  - Operating systems
  - Applications that the operating system runs
  - Networks