Cyber Security TM256 - Systems Security Block 2

Questions and Answers

Which of the following is NOT a key security objective of authentication?

  • Confidentiality
  • Integrity
  • Performance (correct)
  • Availability

Multi-Factor Authentication enhances the security of authentication processes.

True (A)

What is the primary purpose of authentication mechanisms?

To verify the identity of an entity accessing a resource in a system.

Passwords are a basic element of approaches to __________.

authentication

Match the following authentication types with their definitions:

  • Multi-Factor Authentication = Uses two or more verification methods
  • Mandatory Access Control = Access decisions are made by a system-admin
  • Discretionary Access Control = Resource owner decides who can access
  • Role-Based Access Control = Access based on user roles in the organization

Which of the following policies can help prevent compromises of password security?

Implementing password complexity requirements (C)

Establishing accountability does not involve data collection.

False (B)

Name one challenge associated with accountability in systems security.

Log storage and management.

What is the minimum password length typically recommended by password policies?

8 characters (B)

A master password is not required for accessing password management applications.

False (B)

What is the purpose of Two-Factor Authentication (2FA)?

To provide an additional layer of security by requiring a username and password plus confidential information.

Password management applications can help prevent the ________ of previous passwords.

reuse

Which of the following is NOT a functionality of password management applications?

Locking out all users immediately (C)

Match the following types of attacks with their descriptions:

  • Brute-Force Attack = Systematic guessing of passwords to gain entry
  • Dictionary Attack = Using a predefined list of words to attempt to access accounts
  • Denial of Service (DoS) = Blocking legitimate users from accessing a service
  • Multi-Factor Authentication = Using multiple methods to verify user identity

Users can employ _____ applications to safely manage their passwords.

management

What measures can be taken to counter multiple failed login attempts?

Implement a timeout period to prevent further login attempts.

What is the main advantage of Role-Based Access Control (RBAC)?

It allows automatic assignment of permissions based on roles. (A)

RBAC is less suitable for small organizations due to the labor involved in managing roles.

True (A)

What does DAC stand for in access control models?

Discretionary Access Control

Under RBAC, every user is associated with one or more identified ______.

roles

What is a primary function of a reference monitor?

To enforce access control policies over subjects and objects. (D)

Match the following concepts with their descriptions:

  • RBAC = Access control model based on user roles
  • DAC = Access control model allowing user discretion
  • Role Hierarchy = Structure where child roles inherit parent roles
  • Reference Monitor = Enforces access control policies over subjects and objects

A child role in a role hierarchy does not inherit transactions from its parent role.

False (B)

One potential disadvantage of RBAC is the occurrence of ______ explosion.

role

What is the primary role of an operating system (OS)?

To manage hardware resources and processes (B)

A monolithic operating system has all components within a trusted boundary.

True (A)

What are two techniques used by operating systems to protect critical data?

Access control and encryption

The core OS, known as the ______, provides essential services to manage hardware resources.

kernel

Match the following operating system types with their characteristics:

  • Basic Operating System = All components within a trusted boundary
  • Monolithic Operating System = Components are separated into the kernel
  • Access Control = Technique to protect resources
  • Encryption = Technique to secure data

Which of the following is NOT a component of operating system security?

Data analysis (D)

The security of an operating system is only important for the protection of the device itself.

False (B)

What is essential for controlling access to files and devices within an OS?

Access control

Which of the following is a high-level principle of security control?

Confidentiality (D)

Server hardening is the process of enhancing a server’s performance and speed.

False (B)

What command is commonly used in Red Hat Linux to ensure the system is fully updated?

yum update

The process of securing low-level system areas, such as booting and CPU protection, is referred to as __________.

low-level operating system hardening

Match the following server hardening activities with their descriptions:

  • Replacing the root user account = Enhancing root account security
  • Creating a password policy in Linux = Establishing rules for password complexity
  • Blocking ports that are not required = Improving network security
  • Removing services that are not required = Reducing attack surfaces

Which of the following commands is useful to block unnecessary ports on a Linux server?

iptables (A)

Regular updates to software on a server can significantly reduce security risks.

True (A)

What is the primary purpose of creating a password policy in Linux?

To enforce strong password standards and improve security.

What defines a monolithic operating system?

All OS functions are combined within a single trust boundary. (C)

Multi-server operating systems do not require inter-process communication between components.

False (B)

What is the primary function of a hypervisor in an operating system?

Resource management and scheduling.

In a hypervisor-based operating system, a ________ represents a single user account or group project.

tenant

Which of the following is a characteristic of multi-server operating systems?

They can integrate additional security mechanisms within components. (B)

In a multi-server operating system, applications can easily interact without any communication mechanism.

False (B)

What security objectives are ensured by preventing tenant access to each other's resources?

Confidentiality and availability.

Flashcards

Authentication

Verifying the identity of a user, process, or device accessing a system resource.

Password policies

Rules for creating and using passwords to improve security.

Multi-Factor Authentication

Authentication requiring multiple verification steps (e.g., password, token).

Authorization

Determining what an authenticated entity is permitted to access or do.

Mandatory Access Control

Authorization based on the security level of the user and the object.

Discretionary Access Control

Authorization based on the owner's decision to share.

Role-Based Access Control

Authorization based on job roles, granting access based on roles.

Accountability

Ensuring that actions performed by users or systems are traceable.

Password Length

The minimum number of characters a password must contain.

Password Mix

Requirements for a password to include different types of characters (alphabetic, numeric, symbols).

Password Lifetime

The period of time a password is valid before it needs to be changed.

Password Management App

Software used to securely store and manage multiple passwords.

Multi-Factor Authentication (MFA)

A security method requiring two or more authentication factors.

Brute-Force Attack

An attack that tries many password combinations until successful.

Denial-of-Service (DoS) Attack

An attack that overwhelms a system, preventing legitimate users from accessing it.

DAC

Discretionary Access Control allows users to set fine-grained access rules to objects.

RBAC

Role-Based Access Control manages access through roles, connecting users to specific actions on objects.

Role Hierarchy

A hierarchical structure of roles where child roles inherit parent roles' permissions and have additional actions.

Reference Monitor

A security component that validates access requests, ensuring access control policies are followed.

Access Control Rule

A set of criteria which enables or prevents a subject (user) from acting upon an object.

Role Explosion

In RBAC, the issue of a large number of roles making management complex.

Transaction

A combination of an object and an action that represents authorized user activity on system resources.

What is an Operating System (OS)?

An operating system manages a device's memory and processes, and provides a platform for applications to run.

Why is OS security crucial?

An insecure OS can compromise the entire device, applications, and data, potentially giving attackers access to other networked resources.

What does the OS kernel do?

The kernel provides core services, manages hardware resources, and enforces security measures like access control.

Trusted Boundary

A secure area in a basic OS where all components and users are authenticated and authorized to access the entire system.

Single Domain Design

A basic OS design where all system components are accessible to all users and applications. Less secure.

Monolithic OS Kernel

The central core of a monolithic OS that runs with higher privileges than user applications, providing separation and security.

What is the benefit of kernel separation in a Monolithic OS?

It provides more isolation and security by preventing user applications from directly accessing critical system components.

How did OS designs evolve?

OSs evolved from single-domain designs with less security to more separated designs with a kernel to improve security.

Monolithic OS

An operating system where all functions are combined within a single security boundary, accessible only by the administrator. Applications are isolated outside this boundary and have controlled access to resources.

Multi-server OS

An OS where each component (like the scheduler, memory manager, etc.) has its own security boundary, requiring inter-process communication (IPC) to interact.

Hypervisor

The core management component in a hypervisor-based OS, responsible for resource management (memory, networking, disk) and providing an interface between the hardware and software components.

Tenant

A user account or group representing a project, allocated with resources to create virtual environments within a hypervisor-based OS.

Virtual machine

A software environment emulated by a hypervisor, allowing users to run different operating systems or applications on the same physical hardware.

Inter-Process Communication (IPC)

The mechanism by which different processes or components within an OS (especially in a multi-server OS) communicate and exchange information.

Virtual resources

Resources like memory, storage, and networking, emulated and managed by a hypervisor, accessible to tenants and their virtual machines within a hypervisor-based system.

Server Hardening

The process of securing a system's configuration and settings to reduce vulnerabilities.

Linux Server Hardening

Securing a Linux server by updating software, implementing password policies, removing unnecessary services, and blocking ports.

Windows Server Hardening

Securing a Windows server by implementing password policies, using security scanning tools like Windows Defender, and removing unnecessary software.

Yum Update

A Linux command used to update software on a Red Hat system.

BIOS (Basic Input/Output System)

Firmware responsible for managing the start-up process of hardware components and loading the operating system.

Low-Level Operating System Hardening

Securing low-level areas like the boot process, memory, and CPU to prevent attacks.

Confidentiality

Protecting information from unauthorized disclosure, ensuring only authorized individuals can access it.

Integrity

Ensuring information is accurate and complete, preventing unauthorized modifications.

Study Notes

Cyber Security TM256 - Block 2: Systems Security

  • Course offered by Dr. Ahmed Mahfouz at AOU, Oman

  • Part 5: Authentication, authorization, and accountability

    • Authentication: verifying entity identity
    • Password policies: crucial for security
    • Multi-Factor Authentication (2FA): uses username/password & another factor
    • Authorization: right to access system resources
      • Access control models
        • Mandatory Access Control (MAC)
        • Discretionary Access Control (DAC)
        • Role-Based Access Control (RBAC)
    • Accountability: tracking security-relevant actions
      • Establishing accountability: recording events
      • Data collection: mechanisms to record information
      • Log storage and management: maintaining logs
      • Logging obligations: GDPR requirements for logging personal data
  • Part 6: Operating system security

    • Overview of operating systems: fundamental to managing device processes
    • Operating system architecture
      • Basic operating systems
      • Monolithic operating systems
      • Multi-server operating systems
      • Hypervisor-based operating systems
    • Principles of operating system security: confidentiality, integrity, availability
    • Server hardening: securing a system's configuration
      • Keeping Linux up-to-date: using yum command, maintaining software lists, updating and deleting software
      • Server hardening activities: replacing root user account, creating password policies, removing unnecessary services, blocking ports, using scanning tools
    • Low-level operating system hardening: securing low-level areas like booting, memory & CPU
      • Implementing UEFI, establishing trust, testing hardware, selecting boot device, starting OS
  • Learning Outcomes

    • Understand theory and practice of systems security, including threats, controls, and policies
    • Identify threats and vulnerabilities and develop security controls
    • Effectively communicate and analyze problems within a computer environment
    • Stay updated with cyber security developments
