StudyXY
RegisterLog in

Protection of Operating Systems

Analysis of security measures for protecting operating systems.

Benjamin Fisher
Contributor
4.4
43
5 months ago
Preview (4 of 12 Pages)
100%
Purchase to unlock

Page 1

Protection of Operating Systems - Page 1 preview image

Loading page image...

Protection of Operating SystemsWrite a paper discussing the relative advantages and disadvantages of at least three different measuresused to protect operating systems. The ease of implementation and the associated security managementissuesshould also be addressed. Finally, the paper should include a ranking of the measures from bestto worst with supporting rationale.Protection of Operating SystemsIntroductionThe use of computer operating systems has increased significantly across arange of applications and utilizations within the last few years. These range fromtheir utilization in all forms of business operation, but also in terms of systemsecurity, and all software applications. User have come to rely on the operatingsystems being used as a primary means of accessing both command line interfaces(CLI) and graphical user interfaces (GUI) which will serve as the way in whichapplications and data are accessed as well as providing all of the necessaryinformation required for ongoing requirements (UMUC, 2011).Businesses themselves will count on operating systems as a primary meansof addressing and providing the fundamental security elements of:Confidentiality;Integrity;Availability;Authenticity.While many operating systems have incorporated a wide range of controls bywhich it would be possible to mitigate and address these types of security concerns,

Page 2

Protection of Operating Systems - Page 2 preview image

Loading page image...

Page 3

Protection of Operating Systems - Page 3 preview image

Loading page image...

it is also apparent that there needs to be a range of additional measures which aretaken in order to deliver the highest possible level of security and minimize thelikelihood of any such issues being apparent.Accordingly, measures concerning identification and authentication in terms oftheir ensuing protection are fundamentally important. In advance of any user or evensystem administrator being able to connect to, and utilize a system, there needs tobe a range of security measures implemented which ensures that the identity ischecked and the user authenticated before any type of access is granted. This will,however, be designed as a first level of identification and authentication which isdesigned to provide them with the minimum possible level of access required inorder to use the system accordingly.Various access control measures will be implemented which limits the extentto which other systems or applications, and related information can be accessed orviewed even by an authenticated user. Certain users will have elevated accesswhich may be contingent on them providing an additional login which is designed tosupport this specific requirementwith HR and IT users specifically being regularlyused as an example of when such access would be required.External and internal communications should also be monitored accordingly,as the greater the level of communication allowed, then the correspondingly greaterwill be any potential surface area for an attack. As a result, there may be arequirement to limit certain user typesfrom being able to engage in externalcommunication if it is not part of their specificroles or responsibilities.Based on this underlying concept it is possible to evaluate ways in whichnetwork operating systems can be protected to facilitate their ongoing role within an

Page 4

Protection of Operating Systems - Page 4 preview image

Loading page image...

organization for example. As administrators have full control and access to thesesystems then they also have the ability to configure and implement a wide range ofsettings, including third party applications which will be designed to increase theprotection of systems as well as increase the visibility of any potential issue or threat.Recent versions of the major operating system platforms have all sought tointroduce a variety of additional features, such as advanced firewalls and networkaccess protection so that they can be considered as relatively secure once deployedout of the box. However, this does not preclude any addition of third-party solutionsfor example.In order to determine the type of measures which would be most beneficial insecurity terms it is important to understand the different levels of impact which anissue could result in. It is possible to defineeach type of vulnerability with a specificlevel of severity and this can be used to prioritize the measures which are thenimplemented as a means of addressing them. For example, a high severity ratingwould be given to any issue whereby an attacker or intruder could gainadministrative access to a system housing critical data. Medium severity would relatein the ability to remotely access systems with standard or non-privileged credentialswhile low severity would relate to local access being achieved with standard or non-privileged credentials. As outlined in terms of standard procedures and bestpractices a summary of available measures and their need to be applied is defined inthe below table (Zeltzer, 2005):MeasureRatingIdentification and Authentication protection measuresHighBadge Access Control SystemHighAccess ControlHigh
Preview Mode

This document has 12 pages. Sign in to access the full document!

Study Now!

XY-Copilot AI
Unlimited Access
Secure Payment
Instant Access
24/7 Support
Document Chat

Document Details

Subject
Information Technology

Related Documents

View all
Class Notes

DevOps and Its Importance Study Notes

DevOps Overview – Covers culture, performance metrics, CI/CD, CALMS model, automation, continuous testing, and frameworks like Agile, SAFe, and SRE. Ideal for modern IT and DevOps foundation learning.

Past Exams

Veeam Certified Engineer VMCE-V12

Veeam Backup Q&A – Covers Scale-out Backup Repositories, Oracle RMAN plug-in, agent-supported OS, and retention policies. Ideal for IT pros preparing for Veeam certification or data protection roles.

Past Exams

Modules 1 - 3 Basic Network Connectivity and Commu

Modules 1–3: ITN v7.0 Exam Answers on Basic Network Connectivity and Communications. Covers OSI model, IP addressing, protocols, and network devices. Ideal for CCNA exam prep.

Class Notes

Notes CCNA

Set boot file and recover from crash on Cisco switches. Use boot system commands, mode button, and boot loader steps to restore functionality after power loss or software issues.

Class Notes

CCNA 200-301 Portable Command Guide 5th Edition 20

Configure and secure NTP for accurate time across your network. Learn NTP design, troubleshooting, clock settings, and timestamps with configuration examples to support SLAs and log accuracy.

Class Notes

CCNA 200-301 Portable Command Guide 5th Edition 22

Manage traffic using ACLs: Learn to create, apply, and verify standard, extended, named, and IPv6 ACLs. Includes tips, keywords, sequence numbers, and configuration examples.

Class Notes

CCNA 200-301 Portable Command Guide 5th Edition 36

Learn how to subnet IPv4 addresses using binary math, including Class B and C subnetting, binary ANDing, and shortcuts—essential skills for mastering the CCNA 200-301 exam.

Class Notes

Foundations of Novell Networking Section 26

Learn how web servers work and explore installing and configuring the NetWare Enterprise Web Server in NetWare 6, including support for iFolder and iPrint.

Class Presentation

Modulo 7 DHCPv4

Aprende a configurar DHCPv4 para asignar IPs dinámicamente. Ideal para redes grandes o pequeñas, usando servidores dedicados o routers Cisco con IOS como servidor DHCP eficiente.

Class Notes

Build and troubleshooting Integration Challenge

Networking Practice Exam: Configura y soluciona redes con routers y VLANs. Incluye direccionamiento IP detallado, subredes, interfaces y pruebas de conectividad para integración de sistemas.