
CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [138]

shouldn’t be used in external networks. Additional security is available in this environment if secure VPN connections are used.

The FAT filesystem provides user-level and share-level security. As a result, FAT is largely unsuitable as a filesystem for use in secure environments. NTFS provides security capabilities similar to Unix, and it allows control of individual files using various criteria.

Manufacturers and vendors provide product updates to improve security and to fix errors in the products they support. The three primary methods of upgrading systems are hotfixes, service packs, and patches. Hotfixes are usually meant as temporary fixes to a system until a permanent fix can be found. Microsoft also refers to its bug patches as hotfixes. Service packs usually contain multiple fixes to a system. Patches are used to temporarily fix a program until a permanent fix can be applied. Manufacturers tend to replace entire programs rather than patching or hotfixing systems. When you’re installing a patch, make sure you follow the directions to the letter; an improperly installed patch can render a system unusable.

Network devices are becoming increasingly complicated, and they require that updates be applied on a regular basis. The update process is usually accomplished using either a terminal-based or a web-based utility. Intruders are increasingly targeting routers and other devices for attack; make sure they’re kept to the current software release.

Application hardening helps ensure that vulnerabilities are minimized. Make sure you run only the applications and services that are needed to support your environment. Attackers can target application protocols. Many of the newer systems offer a rich environment for end users, and each protocol increases your risk.

Directory services allow information to be shared in a structured manner with large numbers of users. These services must be secure in order to prevent impersonation or embarrassment. The more common directory services used are LDAP, AD, X.500, and eDirectory.

Database technologies are vulnerable to attacks due to the nature of the flexibility they provide. Make sure database servers and applications are kept up-to-date. To provide increased security, many environments have implemented multi-tiered approaches to data access.

Exam Essentials


Be able to describe the process of hardening an operating system. Make sure all the products used in a network are kept up-to-date with the most current release. Apply service packs and security updates on a regular basis.

Be able to identify the capabilities of the various filesystems used. Different filesystems have different security capabilities. The least secure is FAT, which provides only share-level and user-level security. Most of the truly networked filesystems provide access down to the individual file or directory level. The method used by Unix allows each individual file to have Read, Write, or Execute permissions for security. The filesystem can be configured when the system is installed. Unix filesystems are considered the most secure for commercial applications.

Know the types of updates used in systems. The three common methods for updating are hotfixes, service packs, and patches. Hotfixes are usually applied to a system in real time in order to continue operations until a permanent fix can be made. Service packs are groups of updates for a system or application. Service packs typically replace entire programs. Patches are made to systems to solve a problem or to bypass a particular malfunctioning system.

Be able to discuss the methods of turning off unneeded protocols and services. In the Unix environment, a script file for protocols and services is run at startup. Commenting out protocols that aren’t needed is the primary method used to turn off protocols in Unix. In the Windows environment, the Services manager is one of the primary methods (along with policies) used to disable a service.
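The Unix approach described above, as an added example that is not from the book: a shell audit that lists services still enabled in a startup file and comments out the ones that are not needed. It assumes an inetd.conf-style file (service name in the first field, `#` for a disabled line); the function names, the sample lines and the allowlist of `ssh` are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of an inetd.conf-style file (assumed format).
sample_config() {
cat <<'EOF'
# service  type   proto wait   user   program               args
ftp        stream tcp   nowait root   /usr/sbin/in.ftpd     in.ftpd
telnet     stream tcp   nowait root   /usr/sbin/in.telnetd  in.telnetd
#finger    stream tcp   nowait nobody /usr/sbin/in.fingerd  in.fingerd

ssh        stream tcp   nowait root   /usr/sbin/sshd        sshd -i
EOF
}

# enabled_services FILE: names of services on active (uncommented) lines.
enabled_services() {
    awk '/^[[:space:]]*#/ || /^[[:space:]]*$/ { next } { print $1 }' "$1" | sort -u
}

# unneeded_services FILE ALLOWED...: enabled services not on the allowlist.
unneeded_services() {
    file=$1; shift
    allowed=" $* "
    enabled_services "$file" | while read -r svc; do
        case "$allowed" in
            *" $svc "*) ;;                      # approved, keep running
            *) printf '%s\n' "$svc" ;;          # enabled but not needed
        esac
    done
}

# disable_services FILE SVC...: print a copy of FILE with the named
# services commented out; the original file is left untouched for review.
disable_services() {
    file=$1; shift
    awk -v list=" $* " '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { print; next }
        index(list, " " $1 " ")              { print "#" $0; next }
        { print }
    ' "$file"
}

# Demo: report what should be turned off when only ssh is required.
tmp=$(mktemp)
sample_config > "$tmp"
echo "Enabled but not needed:"
unneeded_services "$tmp" ssh
rm -f "$tmp"
```

On a real system the edited copy would be reviewed, installed in place of the original, and the service manager reloaded so the change takes effect.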

Know how ACLs work. Access control lists (ACLs) are used to identify systems and specify which users, protocols,
