sem 3 Flashcards

1
Q

Types of Access Control

A
  1. Mandatory Access Control (MAC)
  2. Discretionary Access Control (DAC)
  3. Role-Based Access Control (RBAC)
2
Q

What is Mandatory Access Control (MAC)

A

MAC is access control based on security labels and security clearances. A user cannot grant clearance to another person; only the administrator can grant access to users. MAC is strict and can be applied in environments where tight control is necessary, such as the military.

3
Q

Discretionary Access Control (DAC)

A

It is based on the identity of the subject and on access rules that state whether the subject can perform certain actions on the object.
Subjects have controlled access to their own objects. It is flexible because subjects can grant access to other subjects, but it can become too messy.

4
Q

Role-Based Access Control (RBAC)

A

Access is based on the role subjects are assigned to and the rules that state which roles have access to which objects.

Administrators assign access rights to roles instead of to individual users.

It is less flexible than DAC, but easily manageable because it is centrally controlled.

5
Q

Draw a general model for File Access

A

slide 22
- subject
- object
- access right

6
Q

What are the 3 groups that can be granted permission in Linux?

A
  1. User (owner)
  2. Group
  3. Others
7
Q

ls -l /etc/passwd

A

Shows which user has what type of access to the file.

output: -rw-r--r-- (other fields ...)

8
Q

id

A

The id command shows which groups we are assigned to.

9
Q

groups root

A

Helps us to see the members of the group named "root".

10
Q

touch suss1

A

Creates a file named "suss1".

11
Q

ls -l suss1

A

Shows the permissions for only the file named "suss1".

output: -rw-rw-r--

12
Q

chmod 765 suss1
ls -l suss1

A

Changes the permissions of a file that was created by, or is owned by, the user.

output: -rwxrw-r-x

13
Q

Values of the read, write and execute permission bits.

What is the numeric value of
rw-r-xr--?

A

read: 4
write: 2
execute: 1

rw-r-xr--:
rw-: 4 + 2 = 6
r-x: 4 + 1 = 5
r--: 4

Therefore, it should be chmod 654 suss1

14
Q

ls -l suss1
chmod u+x suss1
chmod ug-x suss1
chmod +x suss1

A

outputs (ls -l after each command):
-rw-r-xr--
-rwxr-xr--
-rw-r--r--
-rwxr-xr-x

15
Q

What command do you use to remove write access for the user and add write access for the group?

A

chmod u-w,g+w suss1
ls -l

16
Q

What are the 3 types of security threats to operating systems?

A
  1. Intruders
  2. Malicious software
  3. Buffer overflow
17
Q

What are the 3 types of intruders?

A

Masquerader: usually an outsider; breaks the system's access control and pretends to be another user.
Misfeasor: usually an insider; a legitimate user who misuses his or her access privileges or accesses resources he or she does not have access to.
Clandestine user: usually an insider or outsider; gains root control of the system and bypasses access control.

18
Q

What are the 2 groups of malicious software?

A

Independent: a self-contained program that can be run by the OS on its own (e.g. a worm).
Needs a host program: known as parasitic; it must be attached to a host program (e.g. a virus).

Malicious software can destroy files and bypass access control.

19
Q

Explain buffer overflow

A

- can occur because of a programming error when a process attempts to overwrite adjacent memory locations
- can result in the attacker being able to gain control of the program
- an attacker can use Metasploit against an unpatched system (that is vulnerable to buffer overflow) and get a shell remotely

20
Q

What are the 3 countermeasures for the 3 security threats mentioned?

A
  1. Authentication
  2. Access Control
  3. Buffer Overflow Countermeasures
21
Q

Authentication

A

To identify users and verify that they are whom they claim to be.

The OS can use this information to authenticate:
1. Something you know: username and password
2. Something you are: fingerprints
3. Something you have: ATM card

Two or more factors can be combined to enhance security.

22
Q

Access Control

A

Works hand in hand with authentication.

Provides the correct access rights after authentication.

23
Q

sudo su -
adduser david

cat /etc/passwd

A

A more user-friendly way to add a new user in the Linux OS.

The last command helps to check whether the new user has been successfully added.

24
Q

deluser david

A

Deletes the user david.

25
Q

See activity 3 in the study guide.

A
26
Q

Buffer Overflow Countermeasures

A

Compile-time defence: resists attacks by hardening programs.
Runtime defence: aims to detect and stop attacks in executing programs.

27
Q

What is operating system hardening?

A

The default configuration of the OS can open up many ports and unnecessary services, making it easy for hackers to compromise the system. Therefore, system hardening is necessary.

28
Q

5 steps for OS hardening

A
  1. Install the OS and patch it
  2. Remove unnecessary ports and applications
  3. Configure users, groups and permissions
  4. Install and configure additional security measures
  5. Test system security.
29
Q

Why is the first step of hardening an OS important: installing the OS

A

- Proper planning in installing an OS is important
- Minimise the software packages included
- The boot process also has to be taken care of (e.g. a password for changes to the BIOS)
- Use of cryptographic file systems

30
Q

Why is the second step of hardening an OS important: remove unnecessary ports and services

A

- System planning needs to be done to perform this task, to resolve the conflict between usability and security
- Unnecessary services should not be installed by default

31
Q

Why is the third step of hardening an OS important: configure users, groups and permissions

A

- Access control needs to be planned properly so that users will not have more privileges than they require
- Categorisation of users should be done with care
- Any additional group that a user is in should be justifiable

32
Q

Why is the fourth step of hardening an OS important: install and configure additional security controls

A

- Additional security controls should be implemented (e.g. antivirus software, host-based firewall, host-based intrusion detection system, etc.)
- These additional controls are often necessary
- Antivirus software needs to have its definition files (or signatures) kept up to date

33
Q

Why is the fifth step of hardening an OS important: test security measures

A

- To make sure that what you have implemented works
- Use a checklist (specific to the OS being used)