CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [35]
Identify the four business requirements of a network security design. Identifying assets, assessing risks, identifying threats, and evaluating vulnerabilities are the four primary business requirements that must be considered in a security design.
Hands-On Labs
The labs in this chapter are as follows:
Lab 1.1: Update a Linux System
Lab 1.2: Update a Windows-Based System
Lab 1.1: Update a Linux System
It is important to keep your system current and up-to-date. As soon as a weakness in an operating system becomes known, the number of people trying to exploit that weakness grows at an almost exponential rate. In this exercise, you’ll apply patches and updates to an SuSE Linux Enterprise Server (SLES).
To apply patches and updates through YaST, the primary administration tool in SLES, follow these steps:
1. Log in as root and start YaST.
2. Choose Software and then select Online Update.
3. Click Next. YaST retrieves information about new updates. If prompted for a username and password, enter these values, and then choose to install any updates that are found. You can also choose to install patches from a CD by selecting Software and Patch CD Update. To specify settings on the server, choose Software and then System Update. Choose Change and then Update Options.
Finally, the YOU (YaST Online Update) server can be configured by choosing Software and then YOU Server Configuration.
Lab 1.2: Update a Windows-Based System
Whether you are running Windows Server 2003 or 2008, you’ll use these steps to look for updates to your system and to begin installing them:
1. Log in as administrator and start Microsoft Internet Explorer.
2. Go to http://v4.windowsupdate.microsoft.com/en/default.asp.
3. Click Express. The system will be checked, and you can choose to install any updates that are found.
Review Questions
1. Of the following types of security, which would be primarily concerned with someone stealing the server from the premises?
a. Physical security
b. Operational security
c. Management and policy
d. Authentication
2. Upper management has suddenly become concerned about security. As the senior network administrator, you are asked to suggest changes that should be implemented. Which of the following access methods should you recommend if the method is to be one that is primarily based on preestablished access and can’t be changed by users?
a. MAC
b. DAC
c. RBAC
d. Kerberos
3. Your office administrator is being trained to perform server backups. Which authentication method would be ideal for this situation?
a. MAC
b. DAC
c. RBAC
d. Security tokens
4. You’ve been assigned to mentor a junior administrator and bring him up to speed quickly. The topic you’re currently explaining is authentication. Which method uses a KDC to accomplish authentication for users, programs, or systems?
a. CHAP
b. Kerberos
c. Biometrics
d. Smart cards
5. Which authentication method sends a challenge to the client that is encrypted and then sent back to the server?
a. Kerberos
b. PAP
c. DAC
d. CHAP
6. After a careful risk analysis, the value of your company’s data has been increased. Accordingly, you’re expected to implement authentication solutions that reflect the increased value of the data. Which of the following authentication methods uses more than one authentication process for a logon?
a. Multi-factor
b. Biometrics
c. Smart card
d. Kerberos
7. Which of the following IP addresses is within the private address range?
a. 192.1.1.5
b. 192.168.0.10
c. 192.225.5.1
d. 192.255.255.255
8. After acquiring another company, your organization is in a unique position to create a new—much larger—network from scratch. You want to take advantage of this reorganization to implement the most secure environment that users, and managers, can live with. You’ve already decided that the only way this will be possible is to implement security zones.