Presentation is loading. Please wait.

Presentation is loading. Please wait.

Figure 6-4: Installation and Patching

Published byGesche Brinkerhoff Modified over 6 years ago

Similar presentations

Presentation on theme: "Figure 6-4: Installation and Patching"— Presentation transcript:

1 Figure 6-4: Installation and Patching
Installation Offers Many Options, Some of Which Affect Security For example, in Windows, the NTFS file system is better for security than FAT32 Need a security baseline to guide option choices during installation Microsoft Baseline Security Analyzer ( home.asp)

2 Figure 6-4: Installation and Patching
Known Vulnerabilities Most programs have known vulnerabilities Exploits are programs that take advantage of known vulnerabilities

3 Figure 6-4: Installation and Patching
Known Vulnerabilities Vulnerability reporters send vulnerability reports to vendors Vulnerability reporters often say that vendors take too long to fix vulnerabilities Vendors say that vulnerability reporters do not give them enough time, report too much detail to the press

4 Figure 6-4: Installation and Patching
Fixes Work-around: A series of actions to be taken; no new software Patches: New software to be added to the operating system Upgrades: Newer versions of programs usually fix older vulnerabilities.

5 Figure 6-4: Installation and Patching
Upgrades Often, security vulnerabilities are fixed in new versions If a version is too old, the vendor might stop offering fixes It might be good to wait to upgrade until after the first round of bug and security fixes

6 Figure 6-4: Installation and Patching
Mechanics of Patching Microsoft Windows: Apply Patches on Start menu (Figure 6-2) LINUX distributions often use rpm (RPM Package Manager -

7 Patching

8 Figure 6-4: Installation and Patching
Patches Often Are Not Applied Companies get overwhelmed by number of patches Use many products, vendors release many patches per product Especially a problem for application programs

9 Figure 6-4: Installation and Patching
Patches Often Are Not Applied Cost of Patch installation Mitigated by patch servers that distribute patches to general servers More easy-to-use vendor tools are needed Might simply lack the resources to apply all; might be selective

10 Figure 6-4: Installation and Patching
Patches Often Are Not Applied Risks of Patch installation Reduced functionality Freeze machines, do other damage—sometimes with no Uninstall possible Should test patch on a test system before deployment Special problem for mission-critical production systems that must work

Download ppt "Figure 6-4: Installation and Patching"

Similar presentations

Computers in the real world Objectives

Computers in the real world Objectives
P1-P2-M1-D1-D2.

P1-P2-M1-D1-D2.
Make People Productive Anywhere Manage Risks through Enhancing Security and Control Manage Risks through Enhancing Security and Control Reduce Application.

Make People Productive Anywhere Manage Risks through Enhancing Security and Control Manage Risks through Enhancing Security and Control Reduce Application.
Upgrading Software CIT 1100 Chapter4.

Upgrading Software CIT 1100 Chapter4.
MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 11 Windows Server 2008 Virtualization.

MCITP Guide to Microsoft Windows Server 2008 Server Administration (Exam #70-646) Chapter 11 Windows Server 2008 Virtualization.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
1 Secure Your Business PATCH MANAGEMENT STRATEGY.

1 Secure Your Business PATCH MANAGEMENT STRATEGY.
Chapter Thirteen Maintaining and Upgrading a Network.

Chapter Thirteen Maintaining and Upgrading a Network.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
Patch Management Module 13. Module 2-421 You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.

Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.
Windows 10 Remediation 1 Upgrading to Windows 10 with Norton Installed OEM Team.

Windows 10 Remediation 1 Upgrading to Windows 10 with Norton Installed OEM Team.
Client Management. Introduction In a typical organization there are a lot of client machines used for day to day operations Client management is a necessary.

Client Management. Introduction In a typical organization there are a lot of client machines used for day to day operations Client management is a necessary.
HWINTRO1 OPERATING INSTALLING AN OPERATING SYSTEM.

HWINTRO1 OPERATING INSTALLING AN OPERATING SYSTEM.
Ashita Srivastava ISM-6245. High Five Corporations Chain of fast food restaurants Using Windows XP for clients and Windows Server 2008 Needs a robust.

Ashita Srivastava ISM High Five Corporations Chain of fast food restaurants Using Windows XP for clients and Windows Server 2008 Needs a robust.
Linux Operations and Administration

Linux Operations and Administration
Linux & UNIX Version 5.3 (Power) Version 6.1 (Power) Version 7.1 (Power) AIX Version 11iv2 (PA-RISC/IA64) Version 11iv3 (PA-RISC/IA64) HP-UX Version.

Linux & UNIX Version 5.3 (Power) Version 6.1 (Power) Version 7.1 (Power) AIX Version 11iv2 (PA-RISC/IA64) Version 11iv3 (PA-RISC/IA64) HP-UX Version.

Similar presentations

Ads by Google