...--------------------------------------------------------------------------------------------------------------------- 1. During the install, the option to sync with a NTP (Network Time Protocol) server was checked. From a security perspective, why is it important for a system to keep accurate time? The most interesting importance of NTP would be the auto key system, if your system doesn’t keep correct time a attacker who needs to change time so that a replay attack can happen could be very damaging, that is why today’s version of NTP shields against this in several ways. 2. During the install, a password has been set for the “root” user, and when is it appropriate to use this account? It is highly recommended that you only use this account when there are tasks that require root privileges such as moving files or directories into or out of system directories. 3. During the install, X-Window and a Desktop Manager were installed. However, in a production environment it is recommended NOT to run the X-Windows Environment. Explain the purpose for this recommendation? In a production environment hardware requirements and not to run the X-Windows Environment may sometimes vary, X-Window is intended for primarily workstation use only example personal computing on a Linux box. The X-Window was intended and developed for the network GUI only, X-Windows by itself doesn’t even have an interface. 4. During the install process it asks what the options given to create the partition...
Words: 1158 - Pages: 5
...Assessment Worksheet Installing a Core Linux Operating System on a Server IS3440 - Linux Security Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview The foundation of host-based security starts with the installation of the operating system (OS). Contrary to popular opinion, there is no such thing as a secure operating system, but in this lab, you learned how to install the Linux CentOS operating system in a secure manner. You created a new virtual machine, partitioned the hard drive, and installed the Linux operating system. You also created a non-root user account and verified that key services were (or were not) running. Lab Assessment Questions & Answers 1. During the Minimal install, NTP (Network Time Protocol) server was not installed. From a security perspective, why is it important for a system to keep accurate time? To keep the system in sync and up to date for logging purposes such as any incidents that occur. Otherwise a time may not be correct when checking logs for an incident. 2. During the install, you set a password for the root user. What is the root user, and when is it appropriate to use this account? The root user is the system administrator. It is only appropriate...
Words: 503 - Pages: 3
...Technical Institute IS3340 Windows Security Onsite Course SYLLABUS Credit hours: 4.5 Contact/Instructional hours: 60 (30 Theory Hours, 30 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisite: NT2580 Introduction to Information Security or equivalent Course Description: This course examines security implementations for a variety of Windows platforms and applications. Areas of study include analysis of the security architecture of Windows systems. Students will identify and examine security risks and apply tools and methods to address security issues in the Windows environment. Windows Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas: Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS4799 NT2799 IS4670 ISC Capstone Project Capstone ProjectCybercrime Forensics NSA NT2580 NT2670 Introduction to Information Security IS4680 IS4560 NT2580 NT2670 Email and Web Services Hacking and Introduction to Security Auditing for Compliance Countermeasures Information Security Email and Web Services NT1230 NT1330 Client-Server Client-Server Networking I Networking II IS3230 IS3350 NT1230 NT1330 Issues Client-Server Client-Server SecurityContext in Legal Access Security Networking I Networking II NT1110 ...
Words: 2305 - Pages: 10
