Exam 98-367: Security Fundamentals/Understanding Operating System Security

This lesson covers operating system security: user authentication, permissions, password policies, audit policies, encryption, and malware.

Activity 1 - Understand User Authentication

This objective may include but is not limited to: multifactor; smart cards; RADIUS; Public Key Infrastructure (PKI); understand the certificate chain; biometrics; Kerberos and time skew; using Run As to perform administrative tasks; password reset procedures.

  1. Read Wikipedia: Active Directory.
  2. Read What is Kerberos?.
  3. Read Overview of Authentication and Authorization Technologies.
  4. Read Using the Runas Command.
  5. Read Reset a Password.
  6. Read PKI Basics.

Activity 2 - Understand Permissions

This objective may include but is not limited to: file; share; registry; Active Directory; NTFS vs. FAT; enabling or disabling inheritance; behavior when moving or copying files within the same disk or on another disk; multiple groups with different permissions; basic permissions and advanced permissions; take ownership; delegation.

  1. Read Advanced Security Settings.
  2. Read What are Permissions?.
  3. Read Introduction to File Server Resource Manager.

Activity 3 - Understand Password Policies

This objective may include but is not limited to: password complexity; account lockout; password length; password history; time between password changes; enforce by using group policies; common attack methods.

  1. Read Password Best Practices.

Activity 4 - Understand Audit Policies

This objective may include but is not limited to: types of auditing; what can be audited; enabling auditing; what to audit for specific purposes; where to save audit information; how to secure audit information.

  1. Read Advanced Security Audit Policy.
  2. Read Audit Policy.

Activity 5 - Understand Encryption

This objective may include but is not limited to: EFS; how EFS encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; MAIL encryption and signing and other uses; VPN; public-key / private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices.

  1. Read BitLocker and BitLocker To Go.
  2. Read BitLocker Drive Encryption Overview.
  3. Read What Threats Does BitLocker Protect Against?.
  4. Read What Do You Want to Protect with BitLocker?.
  5. Read Certificates.

Activity 6 - Understand Malware

This objective may include but is not limited to: buffer overflow; worms; Trojans; spyware.

  1. Read Protecting Against Buffer Overflows.
