Security Part 1: Auditing Operating Systems and Networks

This document provides an overview of operating system security and auditing. It discusses operating system objectives like translating languages and allocating resources. It also covers operating system security policies and controls like log-on procedures, access tokens, and access control lists. Potential threats are outlined such as privileged users abusing access and viruses. Controls and audit tests are then described, including controlling access privileges, passwords, viruses, and system audit trails to detect unauthorized access and promote accountability. Network auditing risks are also briefly mentioned.

Uploaded by

Joan Marie Geron

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

87 views9 pages

Security Part 1: Auditing Operating Systems and Networks

Uploaded by

Joan Marie Geron

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 9

CHAPTER 3

Security Part 1: Auditing Operating Systems and Networks

Operating Systems
• Computer’s control program
• Operating System Objectives
• Translate high level languages into machine level language that a computer
can execute. (Compilers and Interpreters)
• Allocates computer resources to users, workgroups and applications.
• Manages the task of job scheduling and multi programming
Operating System Security
• Policies, procedures and controls that determine who can access the
Operating system
• LOG-ON PROCEDURES
• First line of defense against unathorized users (ID and Password)
• ACCESS TOKEN
• Used to approved all actions of user
• ACCESS CONTROL LIST
• Assigned to each IT Resource
• DISCRETIONARY ACCESS PRIVILEGES
• Users grants access privileges to others.
Threats to Operating System Integrity
• Privileged personnel who abuse their authority. System
administrators and programmers require unlimited access to the OS
to perform maintenance and to recover from system failures.
• Individuals, both external and internal to the organization, who
browse the OS identify and exploit security flaws
• Individual who intentionally or accidentally insert computer viruses or
other destructive programs into the OS.
Operating System Controls and Audit Test
• Control Access Privileges
• Audit obejectives is to verify access privileges granted in a manner that is
consistent with the need to separate incompatible functions and is in
accordance with the organizations policy.
• Password Control
• Secret code that a user enters to gain access to the systems, application, data
files or network server.
• Reusable and One time Password
• Virus Control
• Key to virus control is the strict adherance to the organizational policies and
procedures that guard against virus infection
• System Audit Trail Control
• Logs that record activity at the system, application and user level
• Keystore Monitoring and Event Monitoring
• Setting Audit Trail Objectives
1. Detecting unauthorized access to the system
2. Facilitatuing the reconstruction of events
3. Promoting personal accountability
Implementing a System Audit Trail
• The information contained in audit logs is useful to accountants in
measuring the potential damage and financial loss associated with
application errors, abuse of authority or unauthorized access by
outside intruders.
Auditing Networks
• Intranet Risks
• Interception of network messages
• Access to corporate database
Lopez),

Dieter Gollmann-Computer Security-Wiley (2011) - Chính
No ratings yet
Dieter Gollmann-Computer Security-Wiley (2011) - Chính
458 pages
SANS 512 Indexes
No ratings yet
SANS 512 Indexes
29 pages
Auditing Operating Systems: Audit Objectives Relating To Access Privileges
No ratings yet
Auditing Operating Systems: Audit Objectives Relating To Access Privileges
2 pages
Auditing Operating Systems and Networks
No ratings yet
Auditing Operating Systems and Networks
63 pages
Digital Privacy PPT Draft
No ratings yet
Digital Privacy PPT Draft
20 pages
CEH v10 Module 14 - Hacking Web Applications
No ratings yet
CEH v10 Module 14 - Hacking Web Applications
11 pages
Public Cloud Comparison
No ratings yet
Public Cloud Comparison
1 page
CC
No ratings yet
CC
19 pages
Chapter 3: Security Part I: Auditing Operating Systems and Networks
No ratings yet
Chapter 3: Security Part I: Auditing Operating Systems and Networks
11 pages
Security Part 1: Auditing Operating Systems and Networks
No ratings yet
Security Part 1: Auditing Operating Systems and Networks
58 pages
Ch03-Security Part 1. Auditing Operating Systems and Networks
100% (1)
Ch03-Security Part 1. Auditing Operating Systems and Networks
42 pages
Auditing Operating Systems Networks: Security Part 1: and
No ratings yet
Auditing Operating Systems Networks: Security Part 1: and
24 pages
Computer 5 Chapter 3
No ratings yet
Computer 5 Chapter 3
8 pages
Lesson-5_-Audit-Operating-Systems
No ratings yet
Lesson-5_-Audit-Operating-Systems
58 pages
AUDITING OPERATIONS SYSTEM
No ratings yet
AUDITING OPERATIONS SYSTEM
2 pages
Chap03 - Security Part I - Auditing Database Systems and Networks
No ratings yet
Chap03 - Security Part I - Auditing Database Systems and Networks
63 pages
Security Part I: Auditing Operating Systems and Networks
No ratings yet
Security Part I: Auditing Operating Systems and Networks
8 pages
Audit of Operating System Networks
No ratings yet
Audit of Operating System Networks
47 pages
Chapter-3 2
No ratings yet
Chapter-3 2
79 pages
Chapter 6 (1) Auditing Operating Systems and Networks
No ratings yet
Chapter 6 (1) Auditing Operating Systems and Networks
42 pages
Isam Lec6
No ratings yet
Isam Lec6
34 pages
Auditing in CIS Environment - Auditing Operating Systems and Networks (Final)
100% (2)
Auditing in CIS Environment - Auditing Operating Systems and Networks (Final)
44 pages
Chapter 3 CIS
No ratings yet
Chapter 3 CIS
43 pages
Chapter 3
No ratings yet
Chapter 3
6 pages
Auditing Operating System
No ratings yet
Auditing Operating System
10 pages
6 - Security Part I - Auditing Operating Systems and Networks
100% (1)
6 - Security Part I - Auditing Operating Systems and Networks
68 pages
Chapter 6 (1) - Auditing Operating S. and N (Flash)
No ratings yet
Chapter 6 (1) - Auditing Operating S. and N (Flash)
46 pages
Security Part I Auditing Operating Systems and Networks
No ratings yet
Security Part I Auditing Operating Systems and Networks
35 pages
Security Part 1. Auditing Operating Systems and Network
No ratings yet
Security Part 1. Auditing Operating Systems and Network
1 page
It Controls Part Ii: Security and Access Operating System: Interpreters
No ratings yet
It Controls Part Ii: Security and Access Operating System: Interpreters
13 pages
Group 2 Cis
No ratings yet
Group 2 Cis
49 pages
Topic 4 Auditing It Environment Part Iii Auditing Operatig System
No ratings yet
Topic 4 Auditing It Environment Part Iii Auditing Operatig System
32 pages
Auditing IT Controls Part II: Security and Access
No ratings yet
Auditing IT Controls Part II: Security and Access
47 pages
Xaudcis Holy Angel University
No ratings yet
Xaudcis Holy Angel University
49 pages
More notes
No ratings yet
More notes
4 pages
Auditing Operating System
No ratings yet
Auditing Operating System
5 pages
CHAPTER 16: Auditing in CIS
No ratings yet
CHAPTER 16: Auditing in CIS
6 pages
Security Part I: Auditing Operating Systems and Networks: IT Auditing, Hall, 4e
100% (1)
Security Part I: Auditing Operating Systems and Networks: IT Auditing, Hall, 4e
63 pages
Cis Handout
No ratings yet
Cis Handout
3 pages
Ch3 - System Security - OS and Networks
No ratings yet
Ch3 - System Security - OS and Networks
69 pages
Auditing Operating System and Network
No ratings yet
Auditing Operating System and Network
15 pages
Operations Security Operational Controls Are Not Concerned With Audit Trails!
No ratings yet
Operations Security Operational Controls Are Not Concerned With Audit Trails!
4 pages
IT Controls Part II: Security and Access: Accounting Information Systems, 5
No ratings yet
IT Controls Part II: Security and Access: Accounting Information Systems, 5
39 pages
IT Controls Part II: Security and Access
No ratings yet
IT Controls Part II: Security and Access
42 pages
Ass 2 System Security
No ratings yet
Ass 2 System Security
6 pages
Chapter_1-1[1]
No ratings yet
Chapter_1-1[1]
22 pages
AUD IN CIS ENVIRONMENT (1)
No ratings yet
AUD IN CIS ENVIRONMENT (1)
18 pages
Computer-Security-Third-Edition-Dieter-Gollmann 2
100% (2)
Computer-Security-Third-Edition-Dieter-Gollmann 2
30 pages
EDP Audit Bab 3 Security Part I Audit Operating System
No ratings yet
EDP Audit Bab 3 Security Part I Audit Operating System
23 pages
CSCI 620 Lecture1
No ratings yet
CSCI 620 Lecture1
30 pages
Chapter 16 IT Controls Part II Security and Access
No ratings yet
Chapter 16 IT Controls Part II Security and Access
41 pages
Operating System Security: CSCI620M03/CSCI445M02/ITEC445 M02 Instructor: Qian Wang
No ratings yet
Operating System Security: CSCI620M03/CSCI445M02/ITEC445 M02 Instructor: Qian Wang
30 pages
Chapter 1 Final
No ratings yet
Chapter 1 Final
32 pages
System Security
No ratings yet
System Security
120 pages
Chapter 7 PDF
No ratings yet
Chapter 7 PDF
4 pages
CS Chapter 1 UP
No ratings yet
CS Chapter 1 UP
10 pages
It22 Report
No ratings yet
It22 Report
3 pages
What Is Information Security
No ratings yet
What Is Information Security
19 pages
Structured System Analysis and Design (BIT321) System Security and Audit
No ratings yet
Structured System Analysis and Design (BIT321) System Security and Audit
18 pages
Computer Security Unit 1[1]
No ratings yet
Computer Security Unit 1[1]
162 pages
Lecture16- Security
No ratings yet
Lecture16- Security
23 pages
Computer Security
No ratings yet
Computer Security
50 pages
Ian Talks Hacking A-Z
From Everand
Ian Talks Hacking A-Z
Ian Eress
No ratings yet
Hacker’s Guide to Machine Learning Concepts
From Everand
Hacker’s Guide to Machine Learning Concepts
Trilokesh Khatri
No ratings yet
Hacking Wireless Wifi
No ratings yet
Hacking Wireless Wifi
7 pages
Ap1 Mastering Physics Access Instructions
No ratings yet
Ap1 Mastering Physics Access Instructions
2 pages
70-411 R2 Test Bank Lesson 18
No ratings yet
70-411 R2 Test Bank Lesson 18
11 pages
FortiGate IPSec VPN User Guide
No ratings yet
FortiGate IPSec VPN User Guide
166 pages
Registration Form of Participants
No ratings yet
Registration Form of Participants
2 pages
Cybersafety A Presentation by Jaskaran Singh
No ratings yet
Cybersafety A Presentation by Jaskaran Singh
9 pages
7.2 Threats in Networks: Network Security / G. Steffen 1
No ratings yet
7.2 Threats in Networks: Network Security / G. Steffen 1
22 pages
Wireless Networking Security: © The Government of The Hong Kong Special Administrative Region
No ratings yet
Wireless Networking Security: © The Government of The Hong Kong Special Administrative Region
30 pages
Cybersecurity Protecting Your Digital World
No ratings yet
Cybersecurity Protecting Your Digital World
10 pages
ISSC421
No ratings yet
ISSC421
364 pages
REPORT On Cyber Security
No ratings yet
REPORT On Cyber Security
2 pages
Meet Our Board
100% (2)
Meet Our Board
2 pages
Senn Ha Play
No ratings yet
Senn Ha Play
3 pages
C6 - LAB - Access Control
No ratings yet
C6 - LAB - Access Control
4 pages
Polytechnic University of The Philippines Master List
No ratings yet
Polytechnic University of The Philippines Master List
2 pages
PATAS Dec
No ratings yet
PATAS Dec
27 pages
Learning To Manage Health Information: A Theme For Clinical Education
100% (2)
Learning To Manage Health Information: A Theme For Clinical Education
48 pages
1.1.1.5 Lab - Cybersecurity Case Studies
No ratings yet
1.1.1.5 Lab - Cybersecurity Case Studies
2 pages
PSKCVL San-Gavino 6917021.dec
No ratings yet
PSKCVL San-Gavino 6917021.dec
6 pages
CryptoServerCP5 ST Lite
No ratings yet
CryptoServerCP5 ST Lite
126 pages
Health Declaration Health Declaration: City of Mati City of Mati
No ratings yet
Health Declaration Health Declaration: City of Mati City of Mati
2 pages
Equifax Data Breach - A Case Study
No ratings yet
Equifax Data Breach - A Case Study
8 pages
Privacy Policy Redline 05mar21 en
No ratings yet
Privacy Policy Redline 05mar21 en
10 pages
Documents, Permits and Certificate Storage and Verification Enhancements With Blockchain (Distributed Ledger) Technology
No ratings yet
Documents, Permits and Certificate Storage and Verification Enhancements With Blockchain (Distributed Ledger) Technology
3 pages
SmallBusCompliancePoster PDF
No ratings yet
SmallBusCompliancePoster PDF
1 page
Security Intelligence Report Volume 22
No ratings yet
Security Intelligence Report Volume 22
74 pages