Chapter 3 - Security Part 1: Auditing Operating Systems

And Network

The ​operating system​​ is the computer’s control program. It performs 3

main tasks:
● Translates high level languages
● Allocates computer resources to users, workgroups and applications
● Manages the task of job scheduling and multiprogramming

Operating system​​ security involves policies, procedures and controls that

determine who can access the operating system, which resources they can
use, and what actions to take. The following security components are found
in secure operating systems: ​log-on procedures, access token, access
control list and discretionary access privileges.​

Password​​ is a secret code the user enters to gain access to systems,

applications, data files or network servers.
Methods of password control:
1. Reusable Passwords
2. One-Time Passwords

System Audit Trails​​ are logs that record activity at the system, application,
and user level. Audit trails typically consists of 2 types of audit logs: (1)
detailed logs of invidual keystrokes​ and (2) ​event oriented logs.​

Audit trails can be used to support security in 3 ways:

1. Detecting unauthorized access to the system
2. Facilitating the reconstruction of events
3. Promoting personal accointability

Intranets​​ consists of small LANs and large WANs that may contain
thousands of individual nodes.
3 of the more significant business risks associated with Internet risks:
1. IP spoofing
2. Denial of service attacks:
● SYN flood
● Smurf
● Distributed denial of service (DDos)
3. Equipment failures

Firewall​​ is a system that enforces access control between 2 networks. This

may be grouped into 2 general types:
1. Network - level firewall
2. Application - level firewall

Encryption​​ is the conversion of data into a secret code for storage in

databases and transmission over networks. The earliest encryption method
is the ​Ceasar cipher​​. Two commonly used methods of encryption are
private key​ and ​public key encryption​.

A ​digital signature​​ is electronic authentication that cannot be forged.

Verifying the sender’s identity requires a ​digital certificate​​, which is issued

by a third party called a ​certification authority (CA).

The most common problem in data communications is data loss due to ​line
error​​. The following two techniques are commonly used to detect and
correct such data errors before they are processed:
1. Echo check
2. Parity check

Electronic data interchange​​ is the intercompany exchange of computer

processible bisiness information in standard format. Benefits of EDI:
● data keying
● error reduction
 ● reduction of paper
● postage
● automated procedures
● inventory reduction

System risks and control:

1. Operating system weakness
2. Weak access control
3. Inadequate segregation of duties
4. Multilevel password control
5. Risk of theft
6. Weak back-up procedures
7. Risk of virus infection