0Activity Answers. Table A1-1: Operating system elements and security mechanisms. The Security Accounts Manager (SAM)

Transcription

1 Activity Answers-1 0Activity Answers Activity 1-1: Reviewing elements and mechanisms found in operating systems In this activity, you will compare Windows 2000 and Linux to discover how each implements common operating system elements and security mechanisms. 1. Several common operating system elements or security elements are listed in the left column of Table A1-1. Fill in the specific name of the Windows 2000 or Linux operating system element or mechanism that each operating system supplies. Table A1-1: Operating system elements and security mechanisms Operating System Element or Security Mechanism User Account Information Authentication Control Windows 2000 A Security Identifier (SID) The Security Accounts Manager (SAM) Linux The /etc/passwd, /etc/shadow and /etc/group files Pluggable Authentication Modules (PAM) Access Control Access Control Entries (includes Windows 2000 Discretionary ACL and System ACL) Pluggable Authentication Modules (PAM) and through individual daemons and/or applications Data Encryption and Integrity The Encrypting File System (EFS) Individual applications (e.g., md5sum, PGP and openssl)

2 Activity Answers-2 In this activity, you have identified how Windows 2000 and Linux implement operating system elements and common security mechanisms.

3 Activity Answers-3 Activity 2-1: Identifying common operating system security parameters In this activity, you will review your understanding of various operating system security parameters. 1. Give the common term for the description provided: The practice of blocking a user account after repeated logon failure: Account lockout Automatically re-enabling an account after it is blocked: Account reset Passwords that use non-standard characters and are at least six characters long: Strong passwords Remembering previously used passwords so they cannot be reused: Password history In this lab, you have identified commonly-used security parameters. All operating systems contain their own implementations of the above parameters. As you gain more security experience, you will be able to easily map abstract concepts to actual implementation.

4 Activity Answers-4 Activity 3-1: Understanding shares and share points In this activity, you will review the difference between shares and share points. 1. Study the graphic in Figure A3-1. C:\ Share = Root C:\ACCT Share = Acct C:\HR Share = HR C:\CORP Share = Corp C:\CORP\PUB Share = Pub C:\DATA Share = Data Figure A3-1: Studying shares and share points This graphic suggests only share-level permissions. No NTFS-level permissions apply. Now, answer the following questions:

5 Activity Answers-5 2. A user has just connected to the Pub share of your system. Describe why this user cannot access the C:\Corp directory: Because the share point is at C:\CORP\PUB. The share point limits access to any directory higher up on the hard drive tree. Any directory further up the hard drive tree is restricted to any user who connects to the Pub share point. 3. A user has just connected to the Acct share on the system. What subdirectories will this user be able to access? Any subfolder of the C:\ACCT folder, and no other. 4. Suppose that a user has accessed the Root share. What other directories, if any, will this user be able to access? All subdirectories on the hard drive. This is because this share allows access to all folders beneath it. In this activity, you have differentiated between shares and share points, and have learned about how a share allows access to all subdirectories beneath a share point.

6 Activity Answers-6 Activity 4-1: Identifying security risks In this activity, you will review security risks discussed in this chapter. 1. Read the description in the left column of Table A4-1, then provide the relevant network server, service or daemon. Table A4-1: Describing network, service and daemon security issues Network Service, Daemon or Server Cleartext transfer of maps Possible confusion of usernames and user id s. Weak authentication of remote processes Security Issue NIS NFS Rlogin and the portmapper daemon Susceptibility to keyloggers Windows 2000 and Linux Default shares Windows 2000 Buffer overflows Windows 2000 and Linux, as well as all daemons, services, and applications In this activity, you identified common problems associated with various services, daemons and servers.

7 Activity Answers-7 Activity 5-1: Diagramming the SMB/CIFS connection process In this activity, you will explain how SMB/CIFS systems begin a connection and negotiate a dialect. 1. In the following diagram, provide a step-by step diagram of the SMB connection process. In this activity, you have identified the steps of the SMB connection process