Scribd
Upload
39 views

Chapter Two

Uploaded by

ecclesasates erdachew
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
39 views

Chapter Two

Uploaded by

ecclesasates erdachew
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 18

System & Network

Administration
Course Code: COSC4036
Chapter-2
Account and Security
Administration, and Access
Control (DAC, RBAC)
Account Management: Creating, modifying, and deleting
user accounts, assigning roles and permissions, managing
passwords, and enforcing security policies.

Authentication: Verifying the identity of users attempting to


access systems or resources.

Account and Authorization: Determining what users are allowed to do


once authenticated.

Security Auditing and Logging: Tracking user activity and system

Administration: events for monitoring and accountability.

Security Patching: Keeping systems and applications up-to-


date with security patches to address vulnerabilities.

Incident Response: Identifying, containing, and recovering


from security incidents.
Access Discretionary Access Control (DAC):
Users have direct control over who can
access their resources. Simple but can
be insecure in complex environments.
Mandatory Access Control (MAC):
The system enforces strict access rules
based on security labels and
clearances. Highly secure but can be
inflexible.

Control
Models:
Role-Based Access Control (RBAC):
Users are assigned roles with specific
permissions, and access is granted
based on the role. A good balance
between security and flexibility.
Additional
Considerations Multi-factor authentication (MFA):
Adding an extra layer of security to
logins beyond just a password.

Least privilege: Granting users only


the minimum access they need to
perform their job.

Separation of duties: Dividing tasks


and permissions to prevent
unauthorized access.

Data encryption: Protecting


sensitive data at rest and in transit.
Account and Security
Administration

Managing server user accounts


effectively is crucial for maintaining
system security and ensuring smooth
operations. Here's a breakdown of
key concepts and best practices:
User Account Creating, modifying, and deleting
user accounts: Understand different
account types, user attributes,
Role-Based Access Control
(RBAC): Learn how roles,
permissions, and assignments work to
password policies, and best practices grant appropriate access levels to

Management: for managing them securely. users.

Group Management: Discover how


groups can simplify access control
and user management.
Different authentication methods:
Explore password-based, multi-factor
authentication (MFA), single sign-on
(SSO), and other techniques.
Authentication
and Authorization models: Understand

Authorization: how access control decisions are


made based on user identity, roles,
and permissions.

Access control lists (ACLs): Learn


how ACLs define access rules for
specific resources.
Importance of keeping systems and
applications up-to-date: Understand
the risks of vulnerabilities and the
Security importance of timely patching.

Patch Patch management tools and


processes: Explore different tools and
Management: strategies for automating patch
deployment.

Security best practices for patching:


Learn how to patch securely and
minimize downtime.
Incident Response:

Preparing for security


incidents: Develop incident
response plans and
procedures.

Identifying and containing


incidents: Understand how
to detect and respond to
security events effectively.

Recovery and remediation:


Learn how to recover from
incidents and prevent future
occurrences.
Additional ACCOUNT LOCKOUT POLICIES:
DEFINE STRATEGIES TO
AUDITING AND LOGGING:
UNDERSTAND HOW TO TRACK
PREVENT UNAUTHORIZED USER ACTIVITY AND SYSTEM

Areas: ACCESS ATTEMPTS. EVENTS FOR SECURITY


MONITORING.

SECURITY AWARENESS
TRAINING: LEARN HOW TO
EDUCATE USERS ABOUT
CYBERSECURITY BEST
PRACTICES.
Managing files and
folders permission
Managing file and folder
permissions is crucial for
maintaining security and
data integrity in any
system. Let's delve into
the key concepts and
essential techniques:
Active development: Constant updates and improvements by a global
community ensure security, features, and compatibility

Learning curve: Command-line interface can be daunting for new users,


requiring more technical knowledge compared to GUI-heavy alternatives

Hardware compatibility: May not support all peripheral devices as readily


as proprietary OSes, sometimes requiring additional drivers or
configuration
Fragmented landscape: Numerous distributions can create confusion and
Strengths complicate software compatibility and package management across
different versions
Limited desktop software: While improving, the selection of user-friendly
applications compared to Windows or macOS might be lacking in certain
categories
Security risks: Open-source nature can be seen as a vulnerability if
proper security practices aren't followed
Understanding Permissions:

User: Owns the Group: Users


Others: All other
file/folder and belonging to the
users on the
has the most same group as
system.
control. the owner.

Execute (x):
Write (w): Allows
Read (r): Allows Allows executing
modifying
viewing content. files or accessing
content.
directories.
What are Disk Quotas?

DISK QUOTAS LIMIT THE AMOUNT ENSURE FAIR ALLOCATION OF PREVENT DISK EXHAUSTION: MONITOR INDIVIDUAL STORAGE
OF DISK SPACE A USER OR STORAGE RESOURCES: AVOIDS SITUATIONS WHERE THE USAGE: TRACKS HOW MUCH
GROUP CAN CONSUME ON A PREVENTS INDIVIDUAL USERS SYSTEM RUNS OUT OF DISK SPACE EACH USER OR GROUP IS
SPECIFIC FILE SYSTEM. THIS FROM MONOPOLIZING SPACE. SPACE DUE TO EXCESSIVE UTILIZING.
HELPS: USAGE.
Types of
Disk
Quotas:
HARD QUOTA: SETS A STRICT LIMIT, SOFT QUOTA: PROVIDES A WARNING
PREVENTING USERS FROM THRESHOLD BEFORE REACHING THE
EXCEEDING IT. HARD LIMIT, ALLOWING USERS TO
TAKE CORRECTIVE ACTIONS.
Setting quotas: Use system
administration tools or commands
(e.g., quota on Linux) to define hard
and soft quotas for users or groups.

Managing
Disk Quotas: Monitoring quota usage: Track
individual user/group usage and
identify potential issues.

Enforcing quotas: Apply appropriate


actions when users exceed quotas,
such as sending warnings, blocking
writes, or deleting files.
Exempting specific users or
groups: Exclude certain users or
groups from quota limitations if
needed.

Additional
Grace periods: Allow a grace
Considerations: period after exceeding the soft
quota before enforcing the hard
limit.

Quota reports: Generate reports


to analyze overall storage usage
and identify potential problems.

You might also like