Chapter03 - Security+ Guide to Network Security...

Info iconThis preview shows pages 1–13. Sign up to view the full content.

View Full Document Right Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Objectives Explain how to harden operating systems List ways to prevent attacks through a Web browser Define SQL injection and explain how to protect against it Explain how to protect systems from communications-based attacks Describe various software security applications 2
Background image of page 2
Security+ Guide to Network Security Fundamentals, Third Edition Hardening the Operating System Hardening the operating system to resist attacks is often a three-pronged approach that involves: Managing updates to the operating system Protecting against buffer overflows Configuring operating system protections 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Managing Operating System Updates Update terminology The task of writing a secure operating system is daunting Due to the increased length and complexity of operating systems Unintentional vulnerabilities were introduced and then these were exploited by attackers 4
Background image of page 4
Security+ Guide to Network Security Fundamentals, Third Edition Managing Operating System Updates (continued) 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Managing Operating System Updates (continued) 6
Background image of page 6
Security+ Guide to Network Security Fundamentals, Third Edition Managing Operating System Updates (continued) Update terminology (continued) Security patch A general software security update intended to cover vulnerabilities that have been discovered Hotfix addresses a specific customer situation Often may not be distributed outside that customer’s organization Service pack A cumulative package of all security updates plus additional features 7
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition 8
Background image of page 8
Security+ Guide to Network Security Fundamentals, Third Edition Managing Operating System Updates (continued) Patch management techniques Install updates automatically Download updates but let me choose whether to install them Check for updates but let me choose whether to download and install them Never check for updates Patches can sometimes create new problems 9
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition 10
Background image of page 10
Security+ Guide to Network Security Fundamentals, Third Edition Managing Operating System Updates (continued) Automated patch update service Used to manage patches locally instead of relying upon the vendor’s online update service Advantages to an automated patch update service Can save bandwidth and time Computers that do not have Internet access can receive updates Administrators can approve or decline updates for client systems, force updates to install by a specific date, and obtain reports on what updates each computer needs 11
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Security+ Guide to Network Security Fundamentals, Third Edition Managing Operating System Updates
Background image of page 12
Image of page 13
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 06/13/2010 for the course CITX CITX 1150 taught by Professor P.whalen during the Fall '09 term at British Columbia Institute of Technology.

Page1 / 62

Chapter03 - Security+ Guide to Network Security...

This preview shows document pages 1 - 13. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online