Protection of Operating Systems

Name: Protection of Operating Systems
Brand: Academic Documents Platform
Price: 2 USD
Availability: InStock
Author: Benjamin Fisher

Analysis of security measures for protecting operating systems.

Benjamin Fisher

Contributor

4.2

30 days ago

Preview (4 of 12)

Protection of Operating Systems
Write a paper discussing the relative advantages and disadvantages of at least three different measures
used to protect operating systems. The ease of implementation and the associated security management
issues should also be addressed. Finally, the paper should include a ranking of the measures from best
to worst with supporting rationale.
Protection of Operating Systems
Introduction
The use of computer operating systems has increased significantly across a
range of applications and utilizations within the last few years. These range from
their utilization in all forms of business operation, but also in terms of system
security, and all software applications. User have come to rely on the operating
systems being used as a primary means of accessing both command line interfaces
(CLI) and graphical user interfaces (GUI) which will serve as the way in which
applications and data are accessed as well as providing all of the necessary
information required for ongoing requirements (UMUC, 2011).
Businesses themselves will count on operating systems as a primary means
of addressing and providing the fundamental security elements of:
 Confidentiality;
 Integrity;
 Availability;
 Authenticity.
While many operating systems have incorporated a wide range of controls by
which it would be possible to mitigate and address these types of security concerns,

it is also apparent that there needs to be a range of additional measures which are
taken in order to deliver the highest possible level of security and minimize the
likelihood of any such issues being apparent.
Accordingly, measures concerning identification and authentication in terms of
their ensuing protection are fundamentally important. In advance of any user or even
system administrator being able to connect to, and utilize a system, there needs to
be a range of security measures implemented which ensures that the identity is
checked and the user authenticated before any type of access is granted. This will,
however, be designed as a first level of identification and authentication which is
designed to provide them with the minimum possible level of access required in
order to use the system accordingly.
Various access control measures will be implemented which limits the extent
to which other systems or applications, and related information can be accessed or
viewed even by an authenticated user. Certain users will have elevated access –
which may be contingent on them providing an additional login which is designed to
support this specific requirement – with HR and IT users specifically being regularly
used as an example of when such access would be required.
External and internal communications should also be monitored accordingly,
as the greater the level of communication allowed, then the correspondingly greater
will be any potential surface area for an attack. As a result, there may be a
requirement to limit certain user types from being able to engage in external
communication if it is not part of their specific roles or responsibilities.
Based on this underlying concept it is possible to evaluate ways in which
network operating systems can be protected to facilitate their ongoing role within an

organization for example. As administrators have full control and access to these
systems then they also have the ability to configure and implement a wide range of
settings, including third party applications which will be designed to increase the
protection of systems as well as increase the visibility of any potential issue or threat.
Recent versions of the major operating system platforms have all sought to
introduce a variety of additional features, such as advanced firewalls and network
access protection so that they can be considered as relatively secure once deployed
out of the box. However, this does not preclude any addition of third-party solutions
for example.
In order to determine the type of measures which would be most beneficial in
security terms it is important to understand the different levels of impact which an
issue could result in. It is possible to define each type of vulnerability with a specific
level of severity and this can be used to prioritize the measures which are then
implemented as a means of addressing them. For example, a high severity rating
would be given to any issue whereby an attacker or intruder could gain
administrative access to a system housing critical data. Medium severity would relate
in the ability to remotely access systems with standard or non-privileged credentials
while low severity would relate to local access being achieved with standard or non-
privileged credentials. As outlined in terms of standard procedures and best
practices a summary of available measures and their need to be applied is defined in
the below table (Zeltzer, 2005):
Measure Rating
Identification and Authentication protection measures High
Badge Access Control System High
Access Control High

Preview Mode

100%

Study Now!

XY-Copilot AI

Unlimited Access

Secure Payment

Instant Access

24/7 Support

Document Chat

Document Details

Subject

Information Technology

Protection of Operating Systems

Study Now!

Document Details

Related Documents

Practice Questions

Lab Create a Home Wireless Network

Network Configuration and Troubleshooting Practice

Post Test AntiTerrorism

Master Machine Learning Concepts

761541663-Wordly-Wise-Book-8-Answer-Key

Level 1 Anti-terrorism Awareness Training

Understanding Machine Instructions Elements, Types

MGBA-325QRWorkforceAssociation

DAT 375 Module 3-1 Assignment

Company

Explore

Study Tools