CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [139]
Be able to discuss the weaknesses and vulnerabilities of the various applications that run on a network. Web, e-mail, and other services present unique security challenges that must be considered. Turn off services that aren’t needed. Make sure applications are kept up-to-date with security and bug fixes. Implement these services in a secure manner, as the manufacturer intended; this is the best method for securing applications.
Be able to identify the purpose and common protocols used for directory services. The most commonly implemented directory service is LDAP. LDAP allows users to globally publish information that they want others to know. This process is done using an LDAP server or service. Other directory services are DNS, AD, eDirectory, and X.500. Most directory services are implemented in a hierarchical manner that allows objects to be uniquely identified.
Hands-On Labs
The labs in this chapter are as follows:
Lab 5.1: Install OpenLDAP on a SuSE Server
Lab 5.2: Work with Performance Monitor and Windows
Lab 5.3: Work with Unix/Linux Networking
Lab 5.1: Install OpenLDAP on a SuSE Server
OpenLDAP is the primary LDAP service in use in Linux implementations. To install OpenLDAP on the SuSE server, follow these steps:
1. Start YaST as the root user.
2. Choose Software and then Install and Remove Software.
3. Type openldap in the Search field and click Search.
4. Check the openldap2, openldap2-client, and yast2-ldap-server packages and click Accept. Insert any SLES CDs needed if prompted.
5. Back in YaST, choose Network Services, then LDAP Server. A prompt may appear informing you that you must start LDAP—if this is the case, choose to do so.
6. Click Configure, and you are automatically able to edit the configuration files entries through the YaST interface.
7. Click Finish.
Lab 5.2: Work with Performance Monitor and Windows
Performance Monitor’s objects and counters are specific; you can use Performance Monitor as a general troubleshooting tool as well as a security-troubleshooting tool. For instance, you can see where resources are being utilized and where the activity is coming from. In this lab, you’ll use the Performance Monitor tool to become more familiar with its functionality:
1. Select Start Settings Control Panel Administrative Tools and choose Performance.
2. Click the Add Counters button, and choose to add the Processor Performance object.
3. Add the %Processor Time counter, and then click Close.
4. Choose Start Search For Files and Folders and click the Search Now button without specifying any particular files to look for. Quickly change to Performance Monitor and watch the impact of this search on the processor. This action is time consuming and therefore will help you notice the changes that take place in Performance Monitor.
5. Run the same operation again, but this time change your view within Performance Monitor to histogram (click the two buttons to the left of the plus sign [+]).
6. Run the same operation again, and change your view within Performance Monitor to report (click the button directly to the left of the plus sign [+]).
7. Exit Performance Monitor.
Lab 5.3: Work with Unix/Linux Networking
As a security administrator, you should know about the default networking files and their purpose. In this lab, you’ll work from the command line and look at the values of some key variables. These text files hold configuration values that can be used to set networking parameters.
1. From a command prompt, change to the /etc directory.
2. View the contents of the HOSTNAME file by typing the following at the command prompt: cat HOSTNAME. The value shown holds the name of the host and domain on a single line (in some implementations, the name of the file is lowercase rather than uppercase).
3. View the contents of the hosts file by typing cat hosts. This is an ASCII file used to list IP addresses and text names of known hosts. The