snottysurfside, Servers

Dec 9, 2013 (3 years and 8 months ago)

Host Security

Name: ________________________________________________

E-Mail: _______________________________________________

Test Your Understanding

1.

a) Why is host hardening needed?

b) What are the elements of host hardening?

c) What is a security baseline, and why is it important?

d) What type of device does a systems administrator manage?

2.

a) Comment on the vulnerability of Microsoft Windows servers.

b) List the main generations of Windows Server NOSs.

c) Why is Microsoft Windows Server easy to learn to use?

d) Why are MMCs important?

e) How does the systems administrator get to them?

f) What are snap-ins?

g) What is the role of Active Directory in Windows systems administration?

h) What is a domain?

i) Distinguish between domain controllers and member servers.

j) What are GPOs?

k) Why are they important?

3.

a) Why is UNIX systems administration difficult to describe specifically?

b) Distinguish between UNIX and LINUX.

c) What is a LINUX distribution?

Host Hardening

d) What is Security-Enhanced LINUX?

e) Does a particular version of UNIX have a single user interface?

f) What are UNIX CLIs called?

g) Why are CLIs difficult to use?

4.

a) Are routers hosts?

b) Why is protecting routers crucial?

c) What is the name of Cisco’s operating system?

d) On what types of devices does it run?

5.

a) Do security choices need to be made during installation?

b) Why is using a security baseline important during installation?

Known Vulnerabilities and Exploits

6.

a) What is a known vulnerability?

b) What is an exploit?

c) Why does tension exist between vulnerability reporters and vendors?

7. Distinguish between work-arounds, patches, and upgrades.

8.

a) How do you apply patches in Windows 2000?

b) What patch downloading method is commonly used in LINUX?

9.

a) Why do many companies not install patches?

b) What is a patch testing server?

10.

a) Why is turning off unnecessary services important?

b) How are operating system vendors beginning to change their approaches to installing services by default?

c) What is lock down?

d) How can a firm know what services need to be installed?

11.

a) How can a Windows systems administrator learn what services are running?

b) How can the Windows systems administrator stop services that are running?

12.

a) What are the three ways to start services in UNIX?

b) How can a UNIX systems administrator learn which services are running currently?

c) Distinguish between ps and netstat.

d) How can a UNIX systems administrator turn off a particular service?

e) Killing services stops them only temporarily. How can a UNIX systems administrator stop them from automatically restarting?

13.

a) How are users and groups created on stand-alone Windows servers?

b) In domains?

c) What protections should be applied to the Administrator account?

d) To the Guest account?

e) What restrictions can be made during account setup?

f) Why are standard groups that are established automatically important in Windows?

14.

a) In UNIX, what protections should be applied to the root account?

b) What is the UNIX analog of the RunAs command in Windows?

15.

a) What is the principle of least permissions?

b) Why is it important from a security viewpoint?

16.

a) How are permissions applied in Windows?

b) How many permissions does Windows have?

17.

a) What are the 3 UNIX permissions?

b) To which three individuals or groups are permissions assigned for a particular file?

c) How does the number specificity of UNIX file permissions compare with that of Windows?

d) Is the third line in Figure 6-15 a file or a directory?

e) Who is the owner?

f) What is the name of the file?

g) What are the owner, group, and rest-of-world permissions?

h) What is the purpose of the umask command?

i) What command is used to change file or directory permissions?

j) What command would you give to change the ownership of the file wall.doc to the user galumpke?

18.

a) List some security-related system logging events.

b) What snap-in is used to manage logging in Windows?

c) Which program is used to manage where logging events are stored in UNIX?

d) Does this program store log files locally or on other machines?

19.

a) What is the backup command in UNIX?

b) What does it allow a systems administrator to do?

c) How does a systems administrator archive and restore files in Windows?

20.

a) Why is file encryption dangerous?

b) Why is key escrow needed?

c) What actions are needed to encrypt files or directories in Windows?

d) Explain how the Windows EFS is transparent to users.

e) How is key escrow administered in EFS?

21.

a) What is the purpose of file integrity checkers?

b) What is the most popular file integrity checker in UNIX?

c) Briefly, how does a systems administrator use Tripwire?

d) What are some problems with using Tripwire?

e) How do attackers attempt to thwart Tripwire?

22.

a) Why is vulnerability assessment done?

b) Distinguish among the three types of vulnerability assessment tools in UNIX.

c) Describe MBSA.

23.

a) Why is it important to protect client PCs?

b) What protections should be applied to client PCs?

c) Why are these protections difficult to apply to client PCs?

d) What tool does Windows use to centralize client security?

e) What protections can this tool enforce?

f) Why is it problematic for employees to use personally owned PCs to access corporate servers remotely?

Thought Questions

1. Why do you think companies often fail to harden their servers adequately?

2. Why do you think companies often fail to harden their clients adequately?

3. Do you think the diversity of UNIX is good or bad?

4. Why is it better to start with minimal permissions and services and add them as needed rather than to begin with a broad set of permissions and services and remove them to enhance security?

5. Why do you think UNIX has such a limited ability to assign permissions compared to Windows? (The answer is not in the book at all.)

Troubleshooting Question

1. You kill some services but see that they are running again the next day. What did you do wrong?