Chapter 2 System Administration - 1

1 Chapter 2 System Administration - 1

2 Overview
- Introduction to system administration
- Importance of system administration to information security
- General system administration facilities provided by enterprise software

3 Introduction to system administration
- Definition
  - System administration
    - A set of functions that
      - provides support services
      - ensures reliable operations
      - promotes efficient use of the system
      - ensures that prescribed service-quality objectives are met
- System administration functions
  - Installation, configuration and maintenance
    - network equipment (switches, routers, DHCP, DNS servers etc.)
    - computer systems (database systems, email systems, ERP systems etc.)

4 System administrators
- Definition
  - Person responsible for the day-to-day operation of a technology system
- First line of defense
  - System administrators secure critical information systems
- May also be system security officers
  - Person responsible for writing, enforcing and reviewing security operating procedures
- Some of the most important IT personnel in an organization
  - Keep IT humming

5 Motivation
- System administration is a foundational skill for an aspiring information security professional
  - Most employers value these skills for entry-level positions
  - Many students find system administration skills valuable
- Skills development requires
  - Discipline
  - Time
  - Hence introduced early
- Hands-on activities after every chapter designed to refine system administration and technical skills
  - Tempting to skip
  - But persistence strongly encouraged

6 Relation to information security
- First line of defense for all the three dimensions of information security
  - Confidentiality
  - Integrity
  - Availability
- Examples
  - Availability
    - Anticipate failures
    - Prevent the hardware failure from affecting end users
  - Confidentiality
    - Use appropriate file permissions
    - Ensure that unauthorized people cannot read or copy transcripts

7 Common system administration tasks
- Installation
  - Writing necessary data in the appropriate locations on a computer’s hard drive, for running a software program
  - e.g.
    - Installing operating system
    - Installing application programs
  - System administration challenge
    - Streamline process across thousands of computers in the organization
  - Consumers often believe
    - When in doubt, install
  - Professional system administrators believe
    - When in doubt, do not install

8 Common tasks (contd.)
- Configuration
  - Selecting one among many possible combinations of features of a system
  - Has information security implications
    - Vulnerabilities can arise due to interactions among components
    - System administrators must comprehend the implications of these interactions
  - Challenge
    - Many software components desired by end users are not maintained by their creators
    - Resulting information security hazards must be controlled

9 Common tasks (contd.)
- Access control
  - Limiting access to information system resources only to authorized users, programs, processes, or other systems
  - And, establishing what authorized users can do on a system
  - Typically refers to
    - Files or directories a user can read, modify or delete
  - Can also include
    - Limiting access to network ports
    - Application level
      - Limiting rows and/or columns a user can see in a database
      - Available screens in a business application
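
The file-permission controls named in the confidentiality example (slide 6) and in the access control slide above, as an added example that is not part of the original presentation: a POSIX shell audit that finds files and directories open to users outside the owner and group, then restricts them to one group. The directory layout, file names and modes are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the slides. Paths and modes are constructed.

# List paths under DIR whose "other" permission bits grant read (004),
# write (002) or execute/traverse (001). Symlinks are skipped because their
# own mode bits are not used for access decisions.
audit_other_access() {
    find "$1" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Count the findings; 0 means nobody outside owner and group has access.
count_other_access() {
    audit_other_access "$1" | wc -l | tr -d ' '
}

# Hand DIR to GROUP and remove all access for "other":
# directories 750 (group may list and enter), files 640 (group may read).
restrict_to_group() {
    dir=$1 group=$2
    chgrp -R "$group" "$dir" &&
    find "$dir" -type d -exec chmod 750 {} + &&
    find "$dir" -type f -exec chmod 640 {} +
}

# Build a constructed sample tree with the mistakes an audit should catch.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/transcripts"
    : > "$root/transcripts/student1.txt"; chmod 644 "$root/transcripts/student1.txt"  # world-readable
    : > "$root/transcripts/student2.txt"; chmod 640 "$root/transcripts/student2.txt"  # already correct
    : > "$root/transcripts/grades.csv";   chmod 666 "$root/transcripts/grades.csv"    # world-writable
    chmod 755 "$root/transcripts"   # anyone can list the directory
    chmod 700 "$root"
    echo "$root"
}

# Audit, fix, audit again. The numeric group id of the current user stands in
# for a real group such as the faculty group a registrar would use.
demo() {
    root=$(make_sample_tree) || return 1
    echo "before: $(count_other_access "$root") path(s) open to other"
    audit_other_access "$root"
    restrict_to_group "$root/transcripts" "$(id -g)"
    echo "after:  $(count_other_access "$root") path(s) open to other"
    rm -rf "$root"
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Run the script with `--demo` to see the findings before and after the fix; on a real system, run `audit_other_access` first and review its output before changing any modes.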

10 Common tasks (contd.)
- User management
  - Defining the rights of organizational members to information in the organization
  - Key component of access control
    - Creating and removing user accounts
    - Updating permissions when users change roles
  - Challenge
    - Managing large numbers of users
    - Commonly organized into groups
      - Users with similar privileges
      - E.g., all faculty members in the Computer Science department
        - Members of the CompSci-Faculty group
        - Granted access to mailing list for email discussions

11 Common tasks (contd.)
- Monitoring
  - Listening to and/or recording the activities of a system to maintain performance and security
  - Required continuously after installation and configuration
    - To ensure desired performance and security
  - Two kinds
    - Reactive monitoring
      - Detecting and analyzing failures after they have occurred
      - Problem notifications
      - Analyzing logs after failures
        - Identify modus operandi
        - Identify affected systems
    - Proactive testing

12 Common tasks (contd.)
- Proactive testing
  - Testing a system for specific issues before they occur
  - Vulnerability scanners
    - Access systems and look for potential vulnerabilities
    - Prioritize and resolve identified vulnerabilities
  - Penetration testing
    - Usually carried out by a professional security firm
    - Actively exploiting vulnerabilities found
    - Assessing the level of access that is gained
  - Recent developments
    - Chaos Monkey
      - Deliberately destroy running systems
      - Promoted by Netflix

13 Common tasks (contd.)
- Updates
  - Replacing defective software components with components in which the identified defects have been removed
  - Remove vulnerabilities detected during ongoing use and monitoring of software
  - Two categories
    - Operating system updates
      - Fix issues with the low-level components of the system software
      - Developed and released by the operating system vendor
      - All modern operating systems can automatically check for and install required security updates without system administrator intervention

14 Common tasks (contd.)
- Application updates
  - Fix problems in individual applications
  - Typically involve more effort
    - Ensure functioning of plug-ins from other vendors
    - And in-house additions
    - Many customizations not well documented or tested
    - Impact of an application update on customizations not predictable
  - Manual updates often necessary to deploy application updates
  - Typical update procedure
    - Install update on a development server
    - Test all applications on the development system
    - If successful
      - Deploy update to production systems

15 Common tasks (contd.)
- Single points of failure
  - A part of a system whose failure will stop the entire system from working is a single point of failure
  - Related to hardware
  - Availability implications
  - Standard solution
    - Redundancy
      - Surplus capability, which is maintained to improve the reliability of a system
      - E.g. spare power supply
    - Cold spares
      - Extra parts used when necessary
      - Involve down time
    - Hot spares
      - Redundant components already in operation that can replace the failed component
      - No downtime
      - Used in all mission critical components

16 System administration utilities
- Available for all enterprise software
- Microsoft Windows
  - System Center
    - Configuration manager
      - Monitor installation and configuration of software across enterprise
    - Operations center
      - Monitor hardware status across enterprise
- Unix/Linux
  - Various utilities
    - Puppet, Oracle Jumpstart

17 Unix family tree
[Figure: Unix family tree, with nodes Unics, BSD, OpenBSD, NetBSD, FreeBSD, Mac OS X, SunOS, System III, System V, AIX, Solaris, XENIX, HP-UX]

18 Summary
- Role of system administration
- Role of system administrators
- Common system administration tasks
- Enterprise utilities

19 Example case: T J Maxx
- Major corporate information security incident
  - 2007
  - Hackers had complete access to credit-card databases
    - T. J. Maxx, Barnes and Noble, Office Max and other retailers
- August 5, 2008
  - US government charged 11 individuals
    - Wire fraud, damage to computer systems, conspiracy, criminal forfeiture, and other related charges
- System administration failure
  - No encryption at T J Maxx stores
  - Web application vulnerabilities at other stores

20 T J Maxx sales (around intrusion)

21 Design case
- Email provider selection

22 Hands-on activity
- Install VirtualBox
- Download and install the OS image
- Start the virtual machine

