Tuesday, May 5, 2020

Securing Operating System Free Samples & Examples

Question: Describe the specific security concerns or risks that your chosen operating system is exposed to and how you plan to mitigate the risk that each one presents. Focus on the following areas as security targets: Patching and installed software Users Files List and describe the security concerns for each of the 3 areas. As a system administrator, what can you do to reduce or eliminate the risks that are associated with each concern? Answer: Issues regarding patching and installed software The patching issues on the windows platform of operating system often result in serious troubles. Few of them have been depicted underneath- Machines can hang all of a sudden due to patching issue even though it cannot be predicted beforehand and cannot be realised before such incident occurs. To be specific, problems may be particularly encountered with the patching of visual studio. Problems may be faced with KB3001652 that is not any security update rather it can freeze the computer during installation (Bulygin, Furtak Bazhaniuk, 2015). It may cause to prolonged updates of themachine that may consume couple of hours literally and still several reboots might also be required once done with the successive updates. If 3209944 is installed fixed width fonts may not appear and function properly in a text editor (Herzberg Shulman, 2012). As an inevitable effect of the above instances, unless the updates are installed properly, the machine can be prone to security attacks. Issues regarding users There can also be typical issues regarding the type of users. First and foremost, the hackers must be considered who use the systems in unauthorised manner to indulge malpractice. Other than the attackers and hackers, if anybody possesses any fake user profile that again imposes a serious concern on the OS (Tawa, 2011). Also, the unskilled and relatively ignorant users can lead to several damage of the machine due to improper use of the key functions. Issues regarding files One can encounter various troubles pertaining to the files and registry virtualization also. Few cases have been demonstrated below- Receiving error message during installation or Upgradation. The file or folder just created may not be found. Even after installation the program may still exist. Undesired program behaviour may be experienced after installing an update. Risk Mitigation Option for Selected Security Risk Risk Mitigation process for Patching and Installed Software According to Ferreira (2011), users of Windows Operating System faced lot of challenges regarding patching and installed software. Therefore, in order to mitigate the problems need to develop the up to date inventory for entire systems. Apart from that, users of windows operating system have to use commercial tools in their general network system. Users have to devise the plan for same version application system according to the used Operating system. Moreover, when user applies the patch for any kind of software application in OS, they have to fully analyzing the vulnerability of patches. Risk Mitigation process for User in Operating system The main security threats in Operating system that caused by user is coming from hackers. In major cases, it has been identified that hackers send the link of love bugs and attract the computer user. Through this way hackers put virus on the computer (Czerwonka et al. 2011). Therefore, in order to mitigate the problems, users of the computer system have to install antivirus application such as Norton Internet Security, Quick Heal Total Security, etc. Apart from that, users of the computer system have to install the firewall security system and modify it according to their own. Risk Mitigation process for Files in Operating system In order to mitigate the risk in file transfer in OS, need to installed proper procedure if FTP (File Transfer Process) such as Peer to Peer file sharing, cloud drive file sharing process, etc. Apart from that, need to installed secure file transfer process such as FTPS, SFTP, HTTPS over IPV6 or IPV4 (Pappas, Polychronakis Keromytis, 2013). Limiting the MFT access through implementing the Active Directory process. Check the integrity and protocol fidelity during the transfer of large file. Figure 1: Risk Mitigation process for file transfer in OS (Source: Ferreira, 2011, pp- 1040) Reference List Bulygin, Y., Furtak, A., Bazhaniuk, O. (2013). A tale of one software bypass of windows 8 secure boot.Black Hat. Herzberg, A., Shulman, H. (2012). Security of patched DNS. InComputer SecurityESORICS 2012(pp. 271-288). Springer Berlin Heidelberg. Tawa, R. (2011).U.S. Patent No. 8,001,088. Washington, DC: U.S. Patent and Trademark Office. Ferreira, D. F. (2011). Sisvar: a computer statistical analysis system.Cincia e Agrotecnologia,35(6), 1039-1042. Czerwonka, J., Das, R., Nagappan, N., Tarvo, A., Teterev, A. (2011). Crane: Failure prediction, change analysis and test prioritization in practice--experiences from windows. InSoftware Testing, Verification and Validation (ICST), 2011 IEEE Fourth International Conference on(pp. 357-366). IEEE. Pappas, V., Polychronakis, M., Keromytis, A. D. (2013). Transparent ROP Exploit Mitigation Using Indirect Branch Tracing. InUSENIX Security(pp. 447-462)

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.