6.1 Operating System Security Flashcards
What does address space layout randomization do?
A technique an OS uses to shift memory in use around so tampering with it is more difficult.
What is an exploit framework?
A collection of prepacked exploits and tools such as network mapping tools and sniffers - can be used to asses vulnerability of own network.
What is the difference between a port scanner and a vulnerability assessment tool?
Scanners detects flaws in the host, ie - Nmap looks for open ports - Vulnerability tool looks for the actual network services running on the host. OpenVAS
Explain the concept of an attack surface.
The sum of the areas that an OS could be attacked.
Why might you want a firewall on your host if one already exists on the network?
Adds an extra layer of security - will packet filter and stateful packet inspection -
What is operating system hardening?
Configuring the OS for enhanced security; OS hardening reduces attack surface by decreasing available avenues for attacks.
What is the XD bit, and why do you use it?
XD (Execute Disable Bit) is Intel’s version of Executable Space Protection. (AMD calls it Enhance Virus Protection)
What does executable space protection do for you?
Prevents OS and applications from using parts of the memory to execute code and thwart an attack from hijacking.
How does the principle of least privilege apply to operating system hardening?
Makes system more secure. If attacker gets access to members account with least privilege (just enough to do their job) little can be done. If the client has a ton of privilege they have the keys to the system.
Download Nmap from https://www.nmap.org and install it. Conduct a basic scan of scanme.nmap.org using either the Zenmap GUI or the command line (nmap <ip> is a good place to start). What ports can you find open?</ip>
several
Operating system security includes securing the operating system (OS) to prevent what?
unauthorized access and reduce vulnerabilities.
Name the five steps to harden an OS:
- remove unnecessary software/services,
- alter default accounts,
- apply least privilege,
- perform updates,
- enable logging/auditing.
How can you mitigate threats to the OS? 4 ways
Mitigate threats through OS hardening, anti-malware tools, firewalls, and intrusion detection systems.
________ _________may have excessive permissions or standard/no passwords, posing security risks.
Default accounts
Mitigate risks by disabling/removing unnecessary ________, renaming ______ accounts, and changing default _______.
accounts; admin; passwords
Newly installed systems should be __________ before connecting to networks to prevent compromise.
patched
Configure and enable appropriate ____________ to record important processes and activities.
Logging/auditing features
Anti-malware tools use ______ and _______ to detect threats.
signatures; heuristics
Anti-malware tools respond to threats by? 3 ways
killing processes, deleting/quarantining files, or leaving them alone.
Anti-malware tools are installed on individual _____,_______ , and ____ _____
systems; servers; proxy servers.
__________ _________ _________ prevents code execution in certain memory portions, mitigating buffer overflow attacks.
Executable space protection
_________ _________ __________ _________ shifts memory contents to make tampering more difficult.
Address Space Layout Randomization (ASLR)
_____________and ______________ add security layers to individual hosts.
Software firewalls ;host intrusion detection systems
Host-based IDS analyze activities on or directed at a__________.
host’s network interface
