Exam 98-367: Security Fundamentals/Understanding Operating System Security
This lesson covers Understanding Operating System Security. It looks at user authentication, permissions, password policies, audit policies, encryption, and malware.
Activity 1 - Understand User Authentication
editThis objective may include but is not limited to: multifactor; smart cards; RADIUS; Public Key Infrastucture (PKI); understand the certificate chain; biometrics; Kerberos and time skew; using Run As to perform administrative tasks; password reset procedures.
- Read Wikipedia: Active Directory.
- Read What is Kerberos?.
- Read Overview of Authentication and Authorization Technologies.
- Read Using the Runas Command.
- Read Reset a Password.
- Read PKI Basics.
Activity 2 - Understand Permissions
editThis objective may include but is not limited to: file; share; registry; Active Directory; NTFS vs. FAT; enabling or disabling inheritance; behavior when moving or copying files within the same disk or on another disk; multiple groups with different permissions; basic permissions and advanced permissions; take ownership; delegation.
Activity 3 - Understand Password Policies
editThis objective may include but is not limited to: password complexity; account lockout; password length; password history; time between password changes; enforce by using group policies; common attack methods.
- Read Password Best Practices.
Activity 4 - Understand Audit Policies
editThis objective may include but is not limited to: types of auditing; what can be audited; enabling auditing; what to audit for specific purposes; where to save audit information; how to secure audit information.
- Read Advanced Security Audit Policy.
- Read Audit Policy.
Activity 5 - Understand Encryption
editThis objective may include but is not limited to: EFS; how EFS encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; MAIL encryption and signing and other uses; VPN; public-key / private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices.
Activity 6 - Understand Malware
editThis objective may include but is not limited to: buffer overflow; worms; Trojans; spyware.