Exam Essentials

Be able to describe the process of hardening an operating system. Make sure that all of the products used in a network are kept up to date with the most current release. Apply service packs and security updates on a regular basis.

Be able to identify the capabilities of the various file systems used. File systems have various security capabilities. The least secure is FAT. FAT provides only share-level and user-level security. Most of the truly networked file systems provide access down to the individual file or directory level. The method used by UNIX allows each individual file to have read, write, or execute permissions for security. The file system can be configured when the system is installed. UNIX file systems are considered the most secure for commercial applications.

Be able to describe the types of updates used in systems. The three common methods for updating are hotfixes, service packs, and patches. Hotfixes are usually applied to a system in real time in order to continue operations until a permanent fix can be made. Service packs are groups of updates for a system or application. Service packs typically replace entire programs. Patches are made to systems to solve a problem or to bypass a particular malfunctioning system.

Be able to discuss the methods of turning off unneeded protocols and services. In the UNIX environment, a script file for protocols and services is run at startup. Commenting out protocols that are not needed is the primary method used to turn off protocols in UNIX. In the Windows environment, the services manager is one of the primary methods used to disable a service.
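As an added example (not from the study guide), the shell functions below apply the UNIX method described above to a file in inetd.conf format: they list the active entries and comment out every service that is not on an allowlist. The inetd.conf format is an assumption, since the guide names no file, and the sample entries, the `#DISABLED` marker, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in inetd.conf format (assumed; the guide names no file).
sample_conf() {
cat <<'EOF'
# constructed sample, not from a real host
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#finger stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
ssh     stream  tcp  nowait  root    /usr/sbin/sshd  sshd -i
EOF
}

# list_enabled: read a config on stdin and print the service name of every
# active entry (any line that is neither blank nor a comment).
list_enabled() {
    awk '!/^[ \t]*(#|$)/ { print $1 }'
}

# disable_unneeded ALLOWLIST: read a config on stdin and comment out every
# active entry whose service is not in the space-separated allowlist.
# Comments, blank lines and allowed entries pass through unchanged, so the
# result can be diffed against the original before it replaces it.
disable_unneeded() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, names, " ")
            for (i = 1; i <= n; i++) keep[names[i]] = 1
        }
        /^[ \t]*(#|$)/ { print; next }                  # already inactive
        !($1 in keep)  { print "#DISABLED " $0; next }  # turn the service off
        { print }                                       # needed: leave as is
    '
}

# Demonstration on the constructed sample: keep only ssh.
echo "Active before: $(sample_conf | list_enabled | tr '\n' ' ')"
sample_conf | disable_unneeded "ssh"
```

On a real host the edited file only takes effect once the daemon that reads it reloads its configuration.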

Be able to discuss how ACLs work. ACLs are used to identify specific systems and specify which users, protocols, or services are allowed. ACL-based systems can be used to prevent unauthorized users from accessing vulnerable services.

Be able to discuss the weaknesses and vulnerabilities of the various applications that run on a network. Web, e-mail, and other services each present unique security challenges that must be considered. Turn off services that are not needed. Make sure that applications are kept up to date with security and bug fixes. Implement these services in a secure manner as the manufacturer intended. This is the best method of securing applications.

Be able to identify the purpose and common protocols used for directory services. The most commonly implemented directory service is LDAP. LDAP allows users to publish information globally that they want others to know. This process is done using an LDAP server or service. Other directory services include DNS, AD, eDirectory, and X.500. Most directory services are implemented in a hierarchical manner that allows objects to be uniquely identified.

Be able to discuss the method of accessing data. The most common database method used is the relational database structure. This structure allows programmers to access data using the SQL language. SQL is extremely flexible, but it creates access security problems when poorly implemented. The most common SQL implementations use a multi-tiered approach to control various aspects of access.



CompTIA Security+ Study Guide. Exam SY0-101
Security+ Study Guide
ISBN: 078214098X
EAN: 2147483647
Year: 2006
Pages: 167
