Free Essay

It Bus

In:

Submitted By gb4gb4
Words 6274
Pages 26
Chapter 2. Security in the Microsoft Windows Operating
System
ONE OF THE MORE DIFFICULT TASKS when securing any computer system or network is identifying where to start. There are many components in any computing environment. Each component is a potential point of attack.
Since the operating system provides the ability for software and hardware to interact it is a good starting point for securing an entire environment. On any computer, the operating system enables software to access physical resources. For example, it is the operating system that governs how any application actually reads from, or writes to, a physical disk. Consequently, the operating system is a prime candidate for attack and a valuable resource to protect. From an attacker's point of view, a compromised operating system provides easy access to protected information.
Compromising operating system controls gives the attacker the ability to remove evidence of attacks and "clean up" any leftover log entries or other traces of the attack. A secure operating system is the basis of a secure environment. In this chapter you will learn about the Windows operating system architecture and controls to ensure system security. You will also learn how attackers search for, find, and exploit operating system vulnerabilities. With the knowledge of how attackers operate you'll be able to identify and implement the right controls to secure your environment. Chapter 2 Topics
In this chapter, the following topics and concepts are presented:
What the organization of the operating system components and architecture are
What the basic Windows operating system architecture is
What access controls and authentication are
What security tokens, rights, and permissions are
What users, groups, and Active Directory are
What Windows attack surfaces and mitigation are
What fundamentals of Microsoft Windows security monitoring and maintenance are

Chapter 2 Goals
Upon completion of this chapter, you will be able to:
Distinguish operating system components from architecture
Describe the basic Windows OS architecture

Discuss access controls and authentication
Explain security tokens, rights, and permissions
Research the features of several common security tokens
Identify the purposes of users and groups
Discuss the features of directory services
Analyze the business advantages and challenges of Active Directory
Describe Windows attack surfaces and mitigation
Summarize the fundamentals of Microsoft Windows security monitoring and maintenance

Operating System Components and Architecture
In spite of the reference to an "operating system" as a single entity, an operating system is not a single huge program. An operating system is actually a collection of many programs working together, along with data, to provide access to physical resources. The goal of secure information can simply be expressed as simultaneously ensuring both of the following situations:

1. All required information is available to authorized users.
2. No information is available to unauthorized users.
Although these two basic situations appear to be clear and straightforward, simultaneously ensuring both can be challenging. Once security controls are in place, attackers must identify methods to compromise the controls and gain the privileges of an authorized user. The methods attackers use will rely on one or more vulnerabilities. Your goal is to identify and mitigate as much vulnerability as possible to deny the opportunity for an attacker to realize a threat. The first step in planning how to secure the operating system is to understand the purpose of various operating system components. Each operating system component, and the communication between components, can be a potential point of attack. There are many different operating systems in use today, and often multiple versions of each one; however, there are components and services that are common among them.

The Kernel
The central component of most operating systems is the kernel. The kernelis the part of the operating system that may partially reside in memory and provides the backbone of the operating system's services. The classic definition of the kernel states that the entire kernel resides in memory. Today's more complex operating system kernels are made up of both the main memory resident components and external loadable modules. The use of loadable modules reduces the kernel's memory footprint. The kernel provides access to physical resources and

often runs other operating system programs to complete a task. The memory­resident kernel code will directly handle access to the CPU where efficiency is crucial. In other cases where flexibility is more important the kernel will run device driver programs to handle physical resource access. The second approach is slower but makes it easy for the operating system to support a wide variety of hardware from different vendors. All that is needed is a device driver program for the operating system to support a new device.

Warning
Of course, each new device driver means a new potential vulnerability and possible point of attack.
Ensure your systems do not have device drivers installed for retired devices.

Figure 2­1. Operating system kernel.

Note
Some operating system implementations also refer to the maximum privilege mode as supervisor mode. Many current operating systems actually implement microkernelarchitecture. A microkernel only implements the minimal required functionality in memory resident portion of the operating system, such as memory management, inter­process communication, and process scheduling. Other necessary functionality is supported by external programs. The main difference between internal and external programs is the privilege level at which each runs. A pure microkernel only allows memory­resident components to run at kernel, or maximum privilege, mode.
The kernel also includes areas of memory reserved for the operating system data structures. One example of an operating system data structure is the process, or task table. The process table contains one entry for each running process. Each operating system stores different process properties, but the basic information in the process table is consistent. Figure 2­2 shows a few of the types of information the operating system maintains for processes.

Figure 2­2. Windows process table contents.

One common process property is the mode in which a process is run. Processes generally run in either "user mode" or "supervisor mode."Processes run in supervisor mode can perform more tasks and access more restricted parts of the computer system. One way for an attacker to access a protected resource is to modify the process table entry and change a user mode process to supervisor mode. The process table is only one example of a kernel data structure that must be secured from changes. However, processes running in user mode should be able to view the information in the process table to see what is running at any point in time. The kernel keeps track of what processes can do and what they can't.

Operating System Components

Operating System Components
Operating systems contain far more than just the kernel. The kernel provides core services of the operating system and calls external programs to provide many more operating system services. Table 2­1 contains a list of general services most current operating systems provide.
Table 2­1. Operating system general services.
OPERATING

DESCRIPTION

SYSTEM
SERVICE
Program/process

The operating system manages locating, loading, and

management

actually executing all programs. It handles memory allocation, CPU scheduling, and providing the necessary environment for each program.

Input and

Nearly every program requires input and produces

Output

output. The operating system hides the details of the physical hardware and provides programs with the ability to process input and output.

File System

The operating system also provides access to long­ term storage, such as disk drives, and helps to organize the information to make it easily and efficiently accessible.

Communication

Programs often need to communicate with other programs, both locally and on other computers. The operating system provides the support for exchanging information between programs.

Error Detection

The operating system is responsible for monitoring

and Alerts

activities that occur within the computer and for responding when errors occur.

From a security view, the most important concept of this section is that the operating system is the collection of programs that control access to the physical hardware. Since information is stored and transmitted on physical hardware, ensuring the security of protected information starts with ensuring the security of the operating system.

Basic Windows Operating System Architecture
The Microsoft Windows operating system has changed a lot from the simple personal computer operating system,

DOS. It has grown from a single product offering to a full family of products to meet different needs. The current versions of Windows address a wide variety of computing needs, from portable devices and workstations to enterprise class high performance platforms. The Windows operating system is designed to be a modular system to provide the widest variety of services for most platform requirements.
The current versions of client and server operating systems, Windows 7 and Windows Server 2008 R2, are both based on the Windows NT code base. Windows NT was Microsoft's first operating system designed with security in mind. The first commercial version of Windows NT was version 3.1, released in 1993. At the time, Windows NT was a ground­breaking product from Microsoft. Several versions of Windows share a common ancestry back to
Windows NT.

Note
Windows 7 and Windows Server 2008 R2 are both based on the NT 6.1 kernel.

Based on the same kernel, both Windows 7 and Windows Server 2008 R2 operating systems are designed with modified microkernel architectures. The operating system design allows many system functions to be implemented as external programs that run in kernel mode. In a pure microkernel architecture external programs are not allowed to run in kernel mode. Because of the modular nature of Windows major components can be removed, replaced, or enhanced without having to rewrite the entire operating system. This design allows

Microsoft to create different versions of the same base operating system to provide specific services for different client and server environments.

Windows Run Modes
The architecture of the Windows operating system consists of two main layered components ­ user mode programs and kernel mode programs. Kernel mode programs run in a privileged mode, also called kernel or supervisor mode, and interact closely with the physical hardware. User mode programs interact with both users and kernel mode programs. Figure 2­3shows the basic architecture of a Windows operating system.

Figure 2­3. Windows operating system components.

Kernel Mode

Programs running in kernel mode have complete access to the computer's hardware and system services. This level of access is needed by the operating system and provides an attractive target for attackers.
Table 2­2 shows the main kernel mode program components.

technical TIP
One common goal of attackers is to run a program of their choice in kernel mode. At that privilege an attacker can pretty much own a computer. Pay special attention to any vulnerability you encounter that could allow an attacker to escalate privilege to kernel mode.

Table 2­2. Windows kernel mode components.
COMPONENT

DESCRIPTION

Hardware

The HAL provides the actual access to physical

Abstraction

hardware. All other kernel mode programs interact with

Layer (HAL)

hardware through the HAL. This allows Microsoft to support multiple hardware platforms by just writing

different HAL modules, instead of rewriting all operating system programs.
Kernel mode

Kernel mode drivers provide user programs and other

drivers

kernel mode programs access to individual hardware devices, through the HAL. These drivers provide the translation to allow other programs to access devices as file objects.

Microkernel

The microkernel is the memory resident portion of the operating system that provides the core functionality of operating system functionality, including CPU synchronization, process thread/interrupt scheduling, and exception handling.

Executive

The executive is at the "highest level" of the kernel mode programs. It provides services, such as managing objects,
I/O, security, and process management. User mode programs interact with the operating system via the executive. Table 2­3. Windows user mode components.
COMPONENT

DESCRIPTION

Environment

The Environment subsystem provides the ability to run

subsystem

programs written for different operating systems, including previous Windows versions and UNIX.

Integral

The Integral subsystem handles the user mode functions

subsystem

on behalf of the environment subsystem, including login and access control, network access, and providing network services.

User Model
All non­kernel mode programs run under user mode. This includes application programs and the user mode layer of Windows. The Windows user mode layer programs handle all user interaction and processing requests, and pass
I/O requests to the necessary kernel mode drivers, using the executive. Table 2­3 lists the two main user mode program components.

Access Controls and Authentication

Access Controls and Authentication
All computer users, including attackers, need to establish access to a computer system before accessing its resources. The operating system is responsible for providing access to authorized users while denying access to unauthorized users. This process of providing and denying access is calledaccess control. As developers of operating systems have become more concerned with security issues, access control has matured with each new operating system release. Access control is a multi­step process, starting withidentification and authentication. Regardless of the methods used, the operating system needs to identify the user asking for access to a resource. Most often, the user provides a username (or user ID). A username alone is not sufficient to use as a basis for granting access to resources, however. Anyone can claim to be any user. There must be a process that validates that a user is authentic.

Warning
Attackers know that passwords are common and many people have trouble memorizing the complex ones. So an attacker will likely explore words and numbers that are easily remembered, such as birthdays, anniversaries, and names of pets or children. Another favorite attack is to walk around an office and look for sticky notes on monitors and under keyboards. Many users write down passwords there. The authentication process ensures that users are who they claim to be. There are many methods to authenticate users. The most common method in use is the password. Although anyone can claim to be a particular user, no one else but the real user should know the user's password. The ability to provide both the username and password provides the authentication that the user is valid and authentic.

Authentication Methods
Authentication methods aren't limited to just passwords—they can be one of three types. Each type of authentication is useful in different applications and has strengths and weaknesses. Table 2­4 lists the three authentication types:Type I, Type II, and Type III.
Regardless of the type, or types, of authentication used, the authentication system performs the following tasks:
Collects identification credentials, such as a username
Collects authentication credentials, such as a password
Finds the stored information that corresponds to the supplied credentials in the user list, often in an authentication database
Compares the stored credentials to the supplied credentials. If they match, the user is authenticated
Table 2­4. Authentication types.

TYPE

DESCRIPTION

STRENGTHS

WEAKNESSES

I—

Some piece of

Simple to

Password overuse

What

information only a

implement

(using one password in

you

valid user knows. The

Simple for

multiple applications,

know

most common

users

allowing a

examples of Type I

compromised password

authentication is a

to provide access to

password or PIN.

multiple systems)
Writing down complex passwords—easy to find

II—

A physical object that

More secure

More complex to

What

contains identity

than Type I

implement and

you

information, such as a

Little or

distribute devices

have

token, card, or other

nothing to

Must handle lost

device

remember

devices

III—

Physical characteristic

Very secure

Expensive

What

(biometric), such as a

Hard to

Difficult to implement

you

fingerprint, hand

compromise

Slow process in some

are

print, or retina

Nothing to

characteristic

applications

carry or remember The strongest authentication comes from using more than one type at the same time. Using two types of authentication is called two­factor authentication and using more than two types is called multi­factor authentication. Any operating system or application that requests more than one response during authentication is using two­factor or multi­factor authentication. Using more than a single authentication type strengthens the process by increasing the difficulty of impersonating a valid user.

Access Control Methods
Once a user is identified and properly authenticated, the operating system can grant or deny access based on different rule sets. Access control doesn't only apply to users. Any user or program that requests access to a resource is called the access subject. The resource to which the subject requests access is called the access object.
Using these terms, access control is the process of granting or denying subjects access to specific objects.
The most common types of access control rules are mandatory access control (MAC), discretionary access control (DAC), and role based access control (RBAC). DAC strategies are defined primarily at the user, or subject, level. Each object has a defined owner and the owner has complete control over which users can access the object. In an operating system environment this means access is granted to resources based on the user's settings.

Windows extends this concept to allow object properties that can further restrict access. While this approach is simple to define, it can be challenging to maintain in large environments with many users.
The next main type of access control is MAC. A familiar MAC implementation is used in military and government environments. In such an environment, all data objects are labeled with a specific classification. Government classifications include: unclassified, restricted, confidential, secret, and top secret. Likewise, all subjects are granted a specific clearance. A subject must hold a clearance at, or above, the classification level of the desired object to access it. In most environments, subjects must also demonstrate a specific "need to know."
The final type of access control is RBAC. In one point of view, RBAC extends, or generalizes, DAC. Object access is defined by role, as opposed to individual users. Each user is assigned one or more roles. The roles to which a user is assigned define which objects that user (subject) can access. Most operating systems, including Windows do not directly use RBAC, but use a combination of DAC and RBAC. This combination of access control methods is implemented using both user and user group based permissions.

Security Access Tokens, Rights, and Permissions
In a Windows environment each local system defines local users and groups during the installation process. You can add more local users and groups at any time using the Computer Management tool.
The Local Users and Groups section of the Computer Management tool allows you to add, remove, and manage

local users and groups. This tool is most commonly used to create new users and groups, and to associate users with groups. Figure 2­4 shows the Local Users and Groups section of the Computer Management tool.

technical TIP
Here's how to open the Computer Management tool:

1. Select Start
2. Right mouse click Computer (open the Computer context menu)
3. Select Manage

Figure 2­4. Computer Management tool with open Local Users and Groups.

Security Identifier
Each local user and group in Windows has a unique security identifier (SID). Windows uses the SID to identify users and groups, not the names. Once you create a local user or group the SID remains the same, even if you

change the user or group name. There are several well­known users and groups that are defined for all Windows machines, but aside from the Microsoft defined SIDs, all other SIDs are unique to a local machine. Table 2­5 lists a few of the Windows well­known SIDs.
Table 2­5. Well­known SIDs.
WELL­

STRING

KNOWN

IDENTIFIES

VALUE

SID
Null SID

S­1­0­0

Group with no members, often used when a
SID is not known

World

S­1­1­0

Group that includes all members

Local

S­1­2­0

Users who log on local terminals

Creator

S­1­3­0

SID replaced by the SID of the user who

Owner ID
Creator
Group ID

created a new object
S­1­3­1

SID replaced by the primary group SID of the user who created a new object

If you create a user named "Fred" on two different Windows computers each account will have a different SID. To
Windows, the users are completely different, even though they share the same username. This uniqueness between machines makes it difficult to synchronize security settings among multiple standalone computers.
Every time a Windows user logs in, the operating system fetches the user's SID and the SIDs for all groups to which the user is assigned. The operating system also looks up any local rights for this computer. All of the SIDs and local rights are written to an ID object called your Security Access Token (SAT). Your session's SAT is attached to all your processes. When you run any process Windows looks at the SAT and any defined access control information for resources to decide whether to grant or deny access to any requested resources.

Access Rules, Rights, and Permissions
Defining local users and groups is only the first part of the access control implementation process. Windows allows you to associate specific rights and permissions to each user that tell Windows what a user can do.
User rightsdefine tasks that a user is permitted to carry out, such as take ownership of objects or shutdown the computer. Permissions define what a user can do to a specific object, such as read or delete the object. Windows stores access rules, or permissions, for resources (objects) in Access Control Lists (ACLs). Each object has an associated ACL and can be used to allow or deny access to the object by user or group. The most common use of
ACLs to the general user is to protect files or folders. The properties window of files and folders contain a 'Security' page that allows you to change the object's access permissions for specific users or groups. The collection of access permissions for each object is called the object's ACL. Windows uses the SAT attached to the currently running

process and the ACLs defined for a requested resource to decide whether to grant or deny the requested access.

Users, Groups, and Active Directory
Today's computing environments are quickly becoming more diverse and integrated. Fewer environments are comprised of isolated and unconnected personal computers. Windows environments, both home and office are becoming more dependent on shared resources. Even the smallest home networks commonly share printers, storage devices, and network access devices. While defining access permissions for small home networks is fairly easy, the same cannot be said for larger business networks.

Workgroups
In a business network there may be dozens, hundreds, or even thousands of computers. It is desirable to allow users to access network resources from multiple computers attached to the network. By default, Windows allows computers to share resources by creating a workgroup. A workgroup simply allows standalone computers to "see" each other's shared resources. Common shared resources include files, folders, and printers. Each resource can be shared or hidden, and the access to each resource can be controlled by user and group permissions.
So far, workgroups sound good. The main problem with Windows workgroups is that each computer is still defined as a standalone computer. That means users and groups must be defined on multiple computers. In fact, if you want all users to have access on all computers in the workgroup, you have to add the local users on every

computer. On small networks this may seem OK at first, but maintenance can quickly get out of hand. Since all user and group accounts in a workgroup are local accounts, every change to security permissions must be applied to every computer. Administration of workgroups with more than 10 computers can quickly become too difficult to remain viable.

Active Directory
Microsoft offered a solution to local users and groups in the original Windows NT operating system. All Windows operating systems since Windows NT have the ability to share user and group definitions. Many operating systems support a generic capability to share such information, called directory services. This functionality has matured into a core Windows feature, calledActive Directory. Instead of having to define users and groups locally on each computer, Active Directory allows users and groups to be defined once and shared among multiple computers. You get to define the limits of how many computers share users and groups by defining domains. The actual database of shared users and groups is stored on one or more computers designated as domain controllers. There are many more features of Microsoft Active Directory, but its main feature is the ability to define identity andauthorization permission that can be shared among multiple computers within one or more domains. This capability greatly simplifies security administration in larger networks.
Implementing Active Directory requires more hardware for domain controller computers and network devices. It also requires additional administration time and resources to ensure shared information is protected and available in a timely fashion. In fact, securing Active Directory information ensures its integrity, confidentiality, and

availability. An organization that uses Active Directory depends on the security of its information.
The main reason organizations invest in Active Directory resource requirements is not just to make users happy.
While implementing a single sign­on capability is a huge benefit for users in a large organization, the real reason to implement Active Directory is to reduce redundant administrative effort. Securing resources across a network, or multiple networks, requires substantial administrative effort. The amount of redundant controls administrators must keep current opens opportunities for attacks on stale controls. Active Directory automates and centralizes many controls, making the entire environment more secure.
Unlike workgroup environments, a domain user or group definition is defined on the domain controller and its
SID will be the same for all computers in the domain. In the workgroup environment, a user named "Fred" may be defined on each computer, but the SID will be different on each one. Auditing Fred's actions across multiple computers can be more difficult when trying to coordinate multiple SIDs. Active Directory removes the problem of different SIDs on each computer.

Windows Attack Surfaces and Mitigation
Windows, like any operating system, is a collection of services provided to allow users to interact with the physical hardware. Each service provides a specific set of access methods to the hardware and functions that satisfy user requirements. In short, operating system services provide some functionality to users. Each service exposes some part of the computer to external access. Regardless of the care taken to ensure the security of the provided access,

there is a risk when exposing any part of a computer to external access. All computing systems include vulnerabilities—weaknesses that can allow unauthorized access if successfully exploited. The total collection of all possible vulnerabilities that could provide unauthorized access to computer resources is referred to as the attack surface. Another way to define the attack surface is the set of all exposed vulnerabilities.

Multilayered Defense
The discipline of information security is concerned with minimizing the attack surface of any protected resource.
This can be achieved by successfully removing, or substantially reducing, the ability of an attacker to conduct an attack against vulnerability. There are several effective methods to minimize the attack surface. The most secure environments employ a combination of strategies. Most importantly, a solid overall security strategy avoids monolithic solutions. Relying on a single control to protect a resource increases the probability of a successful attack. Always design a defense strategy that is multilayered, which requires multiple controls be compromised to exploit any vulnerability. Such a strategy is often called a defense­in­depth approach to security. Figure 2­
5 shows how a multilayered defense strategy protects resources.
At a high level, the easiest way to reduce the attack surface is to remove functionality. Suppose an attacker wants to exploit Internet Information Services (IIS) Web server vulnerability. The quickest way to deny such an attack is to disable or remove the IIS Web server. Although disabling IIS may be easy it may be unacceptable. What if the server computer in question is a Web server? Disabling IIS in that case is not an option! But in many cases disabling a Web server is perfectly OK. It all depends on the purpose of the server computer and the services it

must provide to be functional. Defining the computer role and configuring the operating system for that role is one of the best ways to reduce the attack surface of any computer.
Proper workstation and server role definition makes it easier during the installation process to only install and enable services that are necessary for a particular computer. By only installing and enabling the necessary services you reduce the operating system's complexity and overall attack surface. Windows Server 2008, (and Windows
Server 2008 R2), include the Server Manager tool that makes it easy to define specific roles for a server. There is even a new installation option available called Server Core that only installs the basic services to support file and print services, Active Directory, and a few other basic server functions. The resulting installation takes up less disk space, consumes less memory, and has a much smaller attack surface due to fewer installed services.

Figure 2­5. Multilayered defense.

Mitigation

Mitigation
If you must install and enable a service, such as the IIS Web server, you must employ measures to protect your system from IIS vulnerabilities. You will learn specific strategies to secure resources throughout the remainder of this book. The strategies you will learn to secure any resource, also called mitigating a risk, fall into two main categories: 1. Remove vulnerabilities
2. Stop attacks from exploiting vulnerabilities
Between the two strategies, the former is the better option. Removing vulnerability by disabling the service or by updating vulnerable software to a more secure version removes the possibility of a successful attack against a specific vulnerability. However, just applying a security patch doesn't guarantee there is no more vulnerability in the service. That's why a multilayered defense is so important. Never rely on a single control or strategy to protect a resource. Always employ multiple levels of controls. Your goal is to make attackers work very hard to exploit resources on protected computers.

Fundamentals of Microsoft Windows Security Monitoring and Maintenance

The process of securing a Windows computer system and maintaining a secure system is an iterative process.
There are three main points in a system's lifecycle that serve as milestones for security management. It is important to maintain a secure system when you:
1. Install the operating system or application software
2. Monitor the operation of the computer system
3. Make any configuration changes to the computer system
The first and third milestones are easy events to identify and result from some administrative action. It is important to include security concerns in the installation and modification procedures to avoid introducing unintended vulnerabilities. For example, the procedure to upgrade to a new version of SQL Server should include steps to ensure insecure user accounts or demo procedures are not added to the system environment. It is also desirable to carry out validation tasks after any new installations or configuration changes to ensure system security meets stated goals. The second milestone occurs at intervals specified by security administrators for each system. Monitoring can be as frequent or infrequent as necessary. Typically the monitoring frequency depends on the volatility of the resource and the risk of attacks against the resource.

Security Monitoring
In general, the process of security monitoring involves comparing performance or configuration information to a

stated baseline. Microsoft offers several tools and resources to help create and maintain secure systems. You will learn about each of these tools and resources in later chapters as you use each one. The basic process of security monitoring is to follow these steps:
1. Define security goals
2. Describe secure behavior as a baseline
3. Sample performance information and compare to the baseline
4. Report anomalies
The tools and resources available for Windows operating systems include both suggested baselines and the tools to compare baselines to system configuration and performance information. System configuration information could include user and group definitions, critical resource permissions, and lists of folders. Baseline information could include a list of known vulnerable users, groups, and folders. Any items in the lists of users, groups, or folders that exist in the baseline could indicate vulnerability. Performance information could include Web server log files.
Monitoring such log files could show attacks that have been carried out against your system. Or even better, you could see the evidence of a pre­attack reconnaissance effort. In the case of the latter example, you could use such information to take action to protect your system from an expected future attack.

Identify Vulnerabilities

The idea behind monitoring is to simply consider the current state of a system and identify any existing security vulnerabilities. You are proactively taking a similar approach of what an attacker will do to plan an attack. After identifying vulnerabilities you must decide how to address each one. It sounds simple, and it really is at its core.
However, putting that goal into practice can be difficult. There are many options to address each vulnerability and you have to choose the best option for each situation. And the process isn't a single occurrence of each step.
Security monitoring and responding to the results is a process you'll repeat over and over to keep your systems secure. CHAPTER SUMMARY
Microsoft Windows is a mature family of operating systems that address the needs of many different types of enterprises and users. The wide variety of information managed by Windows systems and the large number of existing systems that run Windows makes the platform an attractive target for attacks. Attackers know that each new Windows release gives security administrators new and improved tools to help secure protected resources and information. They know the only way to stay ahead of the game, and outsmart Windows administrators, is to know the operating system and its attack surface as well as possible. And they know it well.
The best way to defend your systems from attack is to know as much, if not more, about your operating system and its vulnerabilities as attackers know. Think like an attacker. Know where and how they'll likely attempt to compromise your systems. Anticipate their moves and you'll be better prepared to place deterrents in their path.
You have learned the basics of the Windows operating system architecture. In later chapters you'll build on that

knowledge and add the specific details of what attackers are looking for and how to stop them.

KEY CONCEPTS AND TERMS
Access control
Active Directory
Attack surface
Authentication
Authorization
Classification
Clearance
Control
Discretionary access control (DAC)
Exploit
Hardware Abstraction Layer (HAL)

Identification
Kernel
Mandatory access control (MAC)
Microkernel
Multi­factor authentication
Object
Permission
Right
Role based access control (RBAC)
Security identifier (SID)
Subject
Supervisor mode
Two­factor authentication
Type I authentication
Type II authentication

Type III authentication
User mode

CHAPTER 2 ASSESSMENT
1. Which of the following is not a goal of a secure environment?
1. All required information is available to authorized users.
2. No information is available to unauthorized users.
3. All required information is available to unauthorized users.
4. No classified information is available to unauthorized users.
2. Which term describes the central component of an operating system?
1. Kernel
2. Shell
3. Hardware Abstraction Layer

4. Executive
3. What are the two run modes for Windows programs?
1. Supervisor mode and executive mode
2. Kernel mode and supervisor mode
3. User mode and executive mode
4. Kernel mode and user mode
4. Which of the following Windows components resides in memory to provide the core operating system services?
1. Kernel
2. Microkernel
3. Executive
4. Hardware Abstraction Layer
5. What is the name of the process which proves you are who you say you are?

1. Identification
2. Authorization
3. Permission
4. Authentication
6. Which type of authentication is a smart card?
1. Type I
2. Type II
3. Type III
4. Type IV
7. Which access control method relates data classification to user clearance?
1. MAC
2. DAC
3. RBAC

4. LDAC
8. What value uniquely identifies a user or group in Windows?
1. UID
2. SAT
3. SID
4. ACE
9. If the same user is created on three separate Windows computers, which value is the same on all three computers? 1. SID
2. User code
3. Username
4. SAT
10. Which Windows feature allows users and groups to be "shared" among machines?

1. Domain controller
2. Workgroup
3. SID
4. Active Directory
11. What defines the limit of how many computers share users and groups?
1. SID
2. GUID
3. Domain
4. Workgroup
12. Which of the following best describes the term "attack surface"?
1. All possible vulnerabilities in application software that could be exploited
2. All possible vulnerabilities that could be exploited
3. The most likely avenues of attack

4. Known vulnerabilities that have not been patched
13. When possible, what is the best way to mitigate vulnerability in a specific service?
1. Remove the service
2. Disable the service
3. Block access to the service
4. Patch the service
14. When monitoring a Windows system, with what do you compare current system performance to test for security compliance?
1. The previous monitoring results
2. A normal performance scan
3. A stated baseline
4. A defined security goal
15. Why should you immediately test your system for security compliance after making a configuration change?

1. Configuration changes generally increase security
2. Configuration changes generally decrease security
3. Configuration changes may introduce new vulnerabilities
4. Configuration changes may remove existing vulnerabilities

Similar Documents

Free Essay

Bus and Life

...Bus and Life What are the common transportations nowadays? Obviously bus nowadays has become one of the most common means of transport. Commuters and students choose bus as they found many advantages of this transportation. Across all income levels, the average number of trips made by bus per year is sixty six. Also, one bus can reduce seventeen times pollution than cars if the users switch from private vehicles to public transport. But the increase in bus fares recently stops people from riding the bus around. Evidently the rise in bus fares doesn’t only put an impact on people, it also creates lots of difficulties to reduce traffic jams and global warming. Therefore, we should not increase the price of bus fares in order to save the benefits of all the people and protect the environment. First, the increase in bus fares has a disproportionate effect to all the people especially low income families. For instance, people with a low income make three times as many bus trips as others with a higher income. Definitely the increase in bus fares most likely to hit the poor people who cannot afford it. The commuters who are willing take the bus to work also get hit from this issue. Why do people have to take buses instead of driving their cars to work which likely costs them the same amount of money? Of course nobody wants to give up their time and money sitting on the bus, which costs them the same price of driving cars. Also, as well as meeting the...

Words: 1228 - Pages: 5

Premium Essay

Bus Reservation

...STRUCTURES PROJECT ONLINE BUS RESERVATION SYSTEM BY L.SIVA SAI REDDY-10MSE1033 B.SIVA RUSHI-10MSE1063 Title of the project(aim) Online Bus Ticket Reservation System. Abstract: • The objective was two-fold - to ensure that the Customers don’t have to leave the confines of their comfort to book a ticket, and to help them get a ticket when they need it the most. • The internet was being voted as a medium people couldn’t do without. PC and net penetration was increasing not only in urban areas, but also in rural India. Also, people were getting used to booking tickets for travel using IRCTC and private airline websites. So, why not buses? • Online system provides real time quotations, real time bus booking services for round trips, multiple payment channels, cost comparison, last minute booking, an in-house call center and even home delivery of tickets Objective: • The objective was to ensure that the Customers don’t have to leave the confines of their comfort to book a ticket, and to help them get a ticket when they need it the most. • The internet was being voted as a medium people couldn’t do without. PC and net penetration was increasing not only in urban areas, but also in rural India. Also, people were getting used to booking tickets for travel using IRCTC and private airline websites. So, why not buses? • Online system provides real time quotations, real time bus booking services for round trips...

Words: 969 - Pages: 4

Premium Essay

Bus Reservation

...STRUCTURES PROJECT ONLINE BUS RESERVATION SYSTEM BY L.SIVA SAI REDDY-10MSE1033 B.SIVA RUSHI-10MSE1063 Title of the project(aim) Online Bus Ticket Reservation System. Abstract: • The objective was two-fold - to ensure that the Customers don’t have to leave the confines of their comfort to book a ticket, and to help them get a ticket when they need it the most. • The internet was being voted as a medium people couldn’t do without. PC and net penetration was increasing not only in urban areas, but also in rural India. Also, people were getting used to booking tickets for travel using IRCTC and private airline websites. So, why not buses? • Online system provides real time quotations, real time bus booking services for round trips, multiple payment channels, cost comparison, last minute booking, an in-house call center and even home delivery of tickets Objective: • The objective was to ensure that the Customers don’t have to leave the confines of their comfort to book a ticket, and to help them get a ticket when they need it the most. • The internet was being voted as a medium people couldn’t do without. PC and net penetration was increasing not only in urban areas, but also in rural India. Also, people were getting used to booking tickets for travel using IRCTC and private airline websites. So, why not buses? • Online system provides real time quotations, real time bus booking services for round trips...

Words: 306 - Pages: 2

Free Essay

Bus Rate and Packages

...PLACE | TOURISTBUS(60 SEATER)(+5K for Overnight) | MINIBUS/COASTER(30-40 seater)(+5K for Overnight) | VAN(10-14 seater)(+3K for Overnight) | * BATAAN | | | | BALANGA/ORANI/HERMOSA | Php 23,500.00 | Php 19,500.00 | Php 9,000.00 | MARIVELES/MONTEMAR/BAGAC | Php 26,500.00 | Php 23,500.00 | Php 9,500.00 | MT.SAMAT | Php 24,000.00 | Php 22,500.00 | Php 9,000.00 | MORONG | Php23,500.00 | Php21,500.00 | Php 9,500.00 | * BATANGAS | | | | ANILAO/MABINI | Php 22,500.00 | Php 20,500.00 | Php 9,500.00 | CALATAGAN/SAN JUAN | Php 22,500.00 | Php 19,500.00 | Php 9,000.00 | CALACA/BATANGAS PIER/LIAN | Php 20,500.00 | Php 18,500.00 | Php 8,500.00 | NASUGBU/MATABUNGKAY/TAAL/LEMERY | Php 20,500.00 | Php 18,500.00 | Php 8,500.00 | CANYON WOODS/ LIPA/BATULAO/TALISAY | Php 20,500.00 | Php 18,500.00 | Php 8,500.00 | * BICOL | | | | CAMSUR(3DAYS) | Php 80,500.00 | Php 76,000.00 | Php 20,500.00 | NAGA(3DAYS) | Php 68,500.00 | Php 65,500.00 | Php 20,000.00 | * BULACAN | | | | STA.MARIA/MALOLOS | Php 15,500.00 | Php 13,500.00 | Php 6,500.00 | SAN RAFAEL/PANDI/CALUMPIT | Php 16,500.00 | Php 14,500.00 | Php 8,000.00 | * CAVITE | | | | TAGAYTAY | Php 17,500.00 | Php 15,500.00 | Php 7,500.00 | PUERTO AZUL | Php 17,500.00 | Php 15,500.00 | Php 7,500.00 | CAYLABNE | Php 17,500.00 | Php 15,500.00 | Php 8,000.00 | KAWIT | Php 16,500.00 | Php 14,500.00 | Php 7,000.00 | * ILOCOS NORTE | | | | LAOAG/VIGAN(3DAYS) | Php 78,500.00 | Php 74,500.00 | Php...

Words: 2199 - Pages: 9

Premium Essay

Nyc Bus System

...Research about NYC Bus System According to Andrew Grossman, one of the factors contributing to the decline in the NYC bus ridership is traffic congestion. Many buses do not travel at optimal speeds, especially during rush hours. As a result, people do not use buses to avoid getting to work or appointments late. The design of NYC bus system has also contributed to the decline in bus ridership. The Metropolitan Transportation Authority has eliminated several bus routes running along subway lines. In addition, the authority has decreased the frequency of some of the bus routes. This reduced the number of people using buses and increased the use of subways. The high-profile improvements of subways have also contributed to the rise of subway ridership. Furthermore, buses are frequently breaking down, which affects the reliability of the NYC bus system. The average distance that buses travel before repair has declined, which reduces the number of buses on various routes.[1] The public consider the NYC bus system to be unreliable, overcrowded and not dependable. Its unreliability is associated with the frequent failure of buses, non-covering of runs, changes in routing and the use of antiquated dispatching procedures. Many people prefer to use alternative ways of transit because of the longer wait times, particularly along the busy routes. They prefer to be on a train rather than wait for buses. With the fare hikes and traffic congestion, New Yorkers usually walk instead...

Words: 1229 - Pages: 5

Free Essay

Wow Bus Fare Expensive

...fare Good for two (2) connecting buses Valid for two (2) hours from time received Not valid for return trip Special restrictions may apply (see transfer) 631.852.5200 Monday to Friday 8:00 am to 4:30pm SCAT Paratransit Service Paratransit Bus Service is available to ADA eligible passengers. To register or for more information, call Office for People with Disabilities at 631.853.8333. Large Print Bus Schedules To obtain a large print copy of this or other Suffolk County Transit bus schedules, call 631.852.5200 or visit www.sct-bus.org Additional Transportation Services HART. . . . . . . . . . . . . . . . . . . . . . . . . . 631.427.8287 NICE, Nassau Inter-County Express. . . . 516.228.4000 MTA LONG ISLAND RAIL ROAD. . . . . . 718.217.5477 511NYRideshare. . . . . . . . . . 511 and say "Rideshare" Passengers Please • Have exact fare ready; Driver cannot handle money.  • Passengers must deposit their own fare.  • Arrive earlier than scheduled departure time.  • Tell driver your destination.  • SCT Drivers announce Major Bus Stop locations.  •  moking, drinking, eating and playing of radios is prohibited S on buses. Bike Racks Available on all Suffolk County Transit (SCT) bus routes. Reduced Fare for Seniors, Persons with Disabilities and Medicare Card Holders Persons with valid, municipally issued cards...

Words: 1470 - Pages: 6

Free Essay

Bus Stop

...Hunter Miller Bus Stop Critique 4/2/14 The name of the play was Bus Stop, and the playwright is William Inge. The play was presented at Dyersburg State Community College theatre in Dyersburg, TN. Mrs. Meliah Lewis directed the play. The play was presented on March 27th through the 29th. I saw the play on the 29th. The play starts in a diner called Grace’s Diner. Set in the 1950s a terrible blizzard comes through the town. The bus stop right outside of the diner has a bus stop. When the final bus of the night stops in, the sheriff is notified that the highway patrol has closed the road out of town towards the bus’ destination, Montana. The very diversified group of passengers on the bus are then forced to spend the night in the diner until morning. The driver of the bus and owner of the diner are interested in each other and end up going to the owners’ apartment above the diner. The professor on the bus ends up trying to sweet talk the waitress at the diner. The waitress unknowingly agrees to meet up with professor later in the week, and ends up finding out the professor isn’t a professor at all. There are two cowboys on the bus from a ranch in Montana. One of the cowboys has pretty much kidnapped at singer from a club and is in love with her and telling her they are getting married against her will. The sheriff of the town stays around the diner to make sure that the singer is well protected and respected by the cowboy. The cowboy doesn’t listen to well and ends up...

Words: 619 - Pages: 3

Premium Essay

Logistic: School Bus Routing

...1.0 INTRODUCTION School bus has become an important facility in supporting parents at the grassroots in picking and dropping their children off at school. However, the challenges faced by Local Authorities (LA) in terms of demands and funding cannot be over emphasised. One of such LA faced with this dilemma is Middleton Local Education Authority (LEA) which has been chosen for the purpose of this study. In order to address this problem, a statement of the problem is defined with reference to the presenting issues. Secondly, the aims and objectives of this study is stated in an attempt to resolve the presenting issues. Thirdly, key definition of terms is addressed with reference to the school bus problem. Fourthly, a critical review of the literature whilst putting into perspective the methodologies adopted in research. Furthermore, findings from different approaches using computer programs to address the school bus problem are highlighted. In addition, a critical analysis of the school bus problem is attempted whilst putting into perspective transportation management systems, public policy and compliance, appreciation of public transport design and sustainable transport systems. An understanding and knowledge of UK based transport systems is demonstrated with an application to the case study problem. Lastly, limitations are acknowledged, recommendations and conclusions are drawn. Within this, future challenges relating to the school bus problem with reference to transportation...

Words: 3933 - Pages: 16

Premium Essay

Business Plan for Bus Services Company

...BUSINESS PLAN Wise Choice Tours and Bus Services The Company Wise Choice Tours and Bus Services (WCTBS) is a new sightseeing company in its formative stages. It is owned and managed by entrepreneur Michael Miles. The company is located in the capital city of Georgetown. It is being organized to take advantage of a specific gap in the local sightseeing tour market. The gap exists in high quality, reasonably priced sightseeing tours in the nation's capital away from the city centre, indicating that a new entrant tour company could be expected to capture a significant portion of the current sightseeing tour market. The Company's Mission WCTBS’ mission is to provide safe, reliable and fun sightseeing tours and bus services to our customers. Six of the buses will be used for tours locally, three for tours to Suriname, Venezuela and Brazil. With a combination of clean buses, friendly and informative and helpful driver guides along with outstanding customer service, WCTBS intends to lead the other companies and make our standards their ambition. Objectives WCTBS will have as it primary objectives the following elements:  To establish and operate a new tour company and bus service aiming specifically at touring the monuments, memorials, museums, and government buildings of the capital city as well as touring the historic and picturesque regions of Guyana.  To implement an organizational and marketing strategy that will, beginning in the first months of operation, achieve...

Words: 1791 - Pages: 8

Premium Essay

My Ride on the Bus

...My ride to high school was the worst experience ever. Never again will the PVTA bus be my transportation to high school. There will always be people who will ruin your experience when you wait for the bus, ride in the bus, and exiting out the bus. Regardless of how many miles it is from to home. Walking would be a better transportation than taking the bus. Walking to the bus stop was the easiest thing to do, but when it comes to waiting for the bus, there will be problems that will surface. Once I arrive to the bus stop, I find myself repeatedly checking the time on my phone to notice that the bus is ten minutes late like always. People around me waiting for the bus start complaining how late the bus is, you keep telling yourself that any moment that bus should pull up any minute now; however, as those minutes that pass by, no sign of the bus coming. The sound of a lighter igniting really puts me in an uncomfortable state when hearing the flick sound three times, and seeing the person lighting his cigarette up like a birthday candle. Then proceeds to inhale the cigarette, finally exhaling the fumes that looks like a poisonous cloud that looked like death. The worst part about it is that the poisonous cloud was coming after me like if it sense my fear. The cigarette fumes hits me when inhaling the toxins; in addition, making me feel sick like if lung cancer was not my worries before the bus comes. Thoughts began to enter in my head like lightning saying stuff like “Why do you...

Words: 1150 - Pages: 5

Premium Essay

Elders Should Receive Free Bus Rides

...There are different types of transportation all over the world. Including a bus, and trains that will take people to family gatherings or doctors offices, but families and working people ride a train to work. We use transportation for the less time it takes us to travel places, especially to bigger cities as a result of being faster than driving to their job, doctor, and picking up food. Transportation has grown through the years, and hopefully, it will grow bigger in the near future. Elders should receive free bus rides because they are not as stable as younger drivers. Many are also retired and do not intake enough money. All elders should take retirement. In the first place, they work very hard, and when they do, they do not earn as much money as working adults. They retire as a result of their hard work for at least sixty six years. Every elder deserves to retire. Also, they do not acquire enough money to pay all their bills. Some elderly barely obtain enough money to make a living, because the prices are...

Words: 681 - Pages: 3

Premium Essay

Montgomery Bus Boycott

...The Montgomery bus boycott changed the way people lived and reacted to each other. The American civil rights movement began a long time ago, as early as the seventeenth century, with blacks and whites all protesting slavery together. The peak of the civil rights movement came in the 1950's starting with the successful bus boycott in Montgomery Alabama. The civil rights movement was lead by Dr. Martin Luther King Jr., who preached nonviolence and love for your enemy."Love your enemies, we do not mean to love them as a friend or intimate. We mean what the Greeks called agape-a disinterested love for all mankind. This love is our regulating ideal and beloved community our ultimate goal. As we struggle here in Montgomery, we are cognizant that we have cosmic companionship and that the universe bends toward justice. We are moving from the black night of segregation to the bright daybreak of joy, from the midnight of Egyptian captivity to the glittering light of Canaan freedom" explained Dr. King. In the Cradle of the Confederacy, life for the white and the colored citizens was completely segregated. Segregated schools, restaurants, public water fountains, amusement parks, and city buses were part of everyday life in Montgomery, Alabama “Every person operating a bus line should provide equal accommodations...in such a manner as to separate the white people from Negroes." On Montgomery's buses, black passengers were required by city law to sit...

Words: 3632 - Pages: 15

Free Essay

English Creative Writing (Descriptive) - School Bus

...The stench of the young. The moving classroom was filled with it. The surrounding crowd were the producers of said stench. Another name for them would be teenagers. Hormone filled, sex craving teenagers that couldn’t give a single damn what anybody had thought of any of them. He smelt it as he walked into the larger than life van and traded money for a piece of silky paper stating that he was allowed on this particular van at this moment in time. This was routine. He sat down on the seat he claimed as his own, his throne, some might call it. During the process, the man jerked slightly to the left as the bus started gaining momentum. It had begun. Towards the rear end of the bus, there was a man; a tall, slender and sopisticated looking man. What he was doing there was not known to anyone. His looks had made the impression that this tall man was going to work, possibly as an office job. His hairy face and lousy posture could suggest that he did not like the particular job that he held. Surrounding him were the teenagers. What they were doing did not impress the tall man. This had included screaming into his ear holes any names that they had thought of that particular day and spraying their latest up to date ‘smell good powder’ (which clearly does not work) around him. This had not impressed the tall man. The expression upon his face had given the impression that he was bound upon this moving two-story room against his own will. The sex-craving teenagers sensed this upon...

Words: 916 - Pages: 4

Premium Essay

Bus Radio Theft Investigation

...Bus Radio Theft Investigation Case Joseph Hawley Sec/430 October 28, 2013 Damain Torres Bus Radio Theft Investigation Case In every crime discovered by the authorities, expect an investigation. It is done for the authorities to know more about the case at hand, to find out the responsible party, their reasons, why they chose the victims and so on. It is used to create a case and to give justice to what the victims has experienced. Although the main reason for investigating us take for example a case in Kelsey known as the “Bus Radio Theft Case”. It happened at one of the schools in Kelsey which is the Unified School District. The perpetrators choose to steal radios from school buses. Although the case happened a few years back, there are some aspects of investigations used in this case that we want to study and show you. In reviewing the said incident, we can simply learn one thing, how to solve the mystery involving radio bus thefts. We will take a look at how the investigators of the said case created and accumulated their documents, how they made observations and derive their resolutions from it. We will also take a look at some o the important and useful techniques they used to make the investigation a success including choosing the right people for questioning. The way these investigators compiled the information they gathered will be taken into consideration as well. The investigation about the bus radio theft incidents started after a report came in saying there...

Words: 1540 - Pages: 7

Premium Essay

The Seatbelt in School Bus Controaversy

...CAVE HILL SCHOOL OF BUSINESS UNIVERSITY OF THE WEST INDIES EMBA PSM BELIZE 01 COHORT INBA6110 – NEGOTIATING SKILLS The seat belts in school buses controversy Table of Contents Executive Summary 3 Introduction 4 Problem Statement 4 Analysis of the Negotiation 5 Recommendations and conclusion 5 Bibliography 7 Appendices 8 Simulation Case i Organizational Chart / members of the team ii Opening Letter iii Dates / # of Post made during negotions via CHSB iv Executive Summary The paper discusses the process of the negotiation between the Public Transport Authority and the Mosquito Mums. A negotiation where both parties had defined objectives focused on the seat belts controversy. The study also speaks about the constraints that arise during the negotiation. Both parties presented their proposal however the negotiation reached to no consensus agreement. Furthermore, both groups presented strong factual points but the PTA thinks that the Mosquito Mums still did not raised a strong reason for the petition. In addition, the study discussed about the importance of following the 7 phases in negotiation. Introduction Negotiation is defined as a process by which two or more parties attempt to resolve their opposing interest[1]. The interest in this case was provided as a simulation...

Words: 1440 - Pages: 6