SlideShare a Scribd company logo

Operating system security

Download as PPTX, PDF
Rachel Jeewa
Rachel Jeewa

This document discusses various threats to computer system security and methods to protect Windows operating systems. It describes viruses, Trojans, spyware and techniques like password cracking that pose security risks. It then provides guidelines for securing Windows, such as enabling the firewall, configuring strong passwords, and keeping the system updated. Methods are outlined for features like BitLocker encryption and NTFS formatting to enhance security. Overall the document aims to raise awareness of cyber threats and share best practices for protecting Windows computers.

1 of 22
Operating System Security O Rachel Jeewa O www.twitter.com/RachelJeewa 1
In Old Days 2
Objective O Nowadays, as systems grow powerful , attacks on system grow more sophisticated. O Therefore, it is important that the system users secure the computer from threats. 3
Threats to System Security O Virus A virus is a program that replicates by copying itself to other programs, system boot sectors or documents or applications. Some viruses can damage to your files by deleting or corrupting them. Some may display rude or strange message on the screen. Some can allow other people to access and control your computer. 4
Trojan O A Trojan is a program that seems to legitimate but acts maliciously when executed. It can open direct entry point for attacker so attacker may use system’s resources such as hard disk spce. Spyware O Spyware includes Trojans and other malicious software that steals personal information from a system without user’s knowledge. 6
Log-in Password Cracking 1.Guessing Password Guessing is trying different passwords until one works. 2.Shoulder Surfing Shoulder Surfing involves watching while someone types the password. 7
Log-in Password Cracking 3. Social Engineering Social Engineering is tricking people to reveal their passwords or other information that can be used to guess a password. 4.Dictionary Attack Dictionary attack uses a pre-defined list of words to recover the password. This is likely to succeed when the password is short. Several password cracking programs are available on the internet. 8
Guidelines for Windows OS Security 1.Lock the system when not in use It helps to secure the workstation from an unauthorized user. Method_ Selects the Window and L buttons together on the keyboard to lock the system. 2.Create strong user password A weak password does not offer an effective protection .Always use strong password e.g tEst@5#8* Method_ Control Panel User Accounts 9
Guidelines for Windows OS Security 3.Disable the guest account Unwanted guest accounts can be exploited by attackers to gain entry in to the system. Method_ Click the Start button, right-click Computer from shortcut menu, and choose Manage. Go to Local Users and Groups Users. Double-click on Guest icon. In the Guest Properties window, check the box next to Account is disabled and click OK . 10
Guidelines for Windows OS Security 4.Lock out unwanted guests Lock out unwanted guests by configuring the setting of the account lockout policy to limit the number of login attempts . Method_ click on Start button, Control Panel, And click Administrative Tools. Double click the Local Security Policy, click Account Policies, double-click the Account Lockout Policy, and double click Account Lockout Threshold. A the prompt, enter the number of invalid login (e.g 3). Click OK. 11
Window Update in Window7 For Window OS, enable automatic updates to ensure that the OS is patched and up-todate. Method_ click Start , Control Panel and select System and Security. Select Windows Update Change Settings. Choose how Windows should updates and click OK. 12
Pointers for Updates O Always patch the OS and applications to O O O O the latest patch levels. Ensure that patches are downloaded only from vendor site. Use patch management tools for easier updating . Several free tools are available. Do not send patches through email. Choose to be notified by the vendor about vulnerability announcements. 13
Window Firewall O A firewall is software that guards the system from unwarranted traffic when connected to a network. Hackers can try to take advantage of programs running on the system and try to execute malicious code. Hacking tools such as Trojan can send information from the victim’s computer to the attacker’s computer. A firewall can detect this attack and block certain traffic . 14
Configuring Window Firewall O Steps to configure window firewall include: Method_ Start Control Panel In the search box, type firewall and click Windows Firewall. In the left pane, click Turn Windows Firewall On or Off. Check the circles Turn On Windows Firewall. Click OK. 15
Using NTFS O The NTFS file system provides better performance and security for data on hard disks and partitions than FAT file system. You can convert earlier FAT or FAT32 file system to NTFS by using the covert command. 16
Using NTFS O Click Start and type cmd , right click Command Prompt and then click Run as Administrator. O In the Command Prompt, type covert drive_letter: /fs:ntfs , where drive_letter is the letter of the drive to be converted to NTFS. Then press Enter. O Type the name of the volume you want to convert and press enter.When the conversion complete restart the computer. O Note-Converting to NTFS does not affect the data. 17
Windows EFS O Windows encryption file system(EFS) allows window7 user to encrypt files and folders. But encryption does not allow encryption on compressed or zipped files and system files. O Method_ right click on a file or folder to encrypt, select Properties on the General tab, and click the Advanced botton. Select Encrypt contents to secure data. Click OK to close the dialog box and click Apply O The encryption dialog box appears. Check either 18 of the two options and click OK.
Decrypt A File Using EFS O To decrypt a encrypted folder or file- Right click on the folder or file to decrypt and select Properties. On the General tab, click the Advanced button. The Advanced Attributes box will appears. Uncheck Encrypt contents to secure data, click OK to close the dialog box, apply the settings and click OK. 19
BitLocker O BitLocker drive encryption allows the entire volume of the system to be secured. Encrypted removable media can be decrypted and re-encrypted again. O Method_ click Start and click Computer. Right click on the drive and select the option Turn On BitLocker… 20
Windows Security Tools 1.Microsoft Security Essentials http://www.microsoft.com 2.Keepass Password Safe Portable http://www.portableapps.com 3.Registry Mechanic http://www.pctools.com 21
Thank You! 22

Recommended

OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITY
RohitK71
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 
Operating system security
Operating system securityOperating system security
Operating system securitySarmad Makhdoom
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating system
Abou Bakr Ashraf
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating system
abdullah roomi
 
Windows Security
Windows Security Windows Security
Windows Security
Pooja Talreja
 
Operating System Security
Operating System SecurityOperating System Security
Operating System Security
Ramesh Upadhaya
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware Analysis
Andrew McNicol
 

Recommended

OPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITYOPERATING SYSTEM SECURITY
OPERATING SYSTEM SECURITY
RohitK71
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 
Operating system security
Operating system securityOperating system security
Operating system securitySarmad Makhdoom
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating system
Abou Bakr Ashraf
 
Security in Windows operating system
Security in Windows operating systemSecurity in Windows operating system
Security in Windows operating system
abdullah roomi
 
Windows Security
Windows Security Windows Security
Windows Security
Pooja Talreja
 
Operating System Security
Operating System SecurityOperating System Security
Operating System Security
Ramesh Upadhaya
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware Analysis
Andrew McNicol
 
Protection and security
Protection and securityProtection and security
Protection and security
mbadhi
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
NishaYadav177
 
Application Security
Application SecurityApplication Security
Application Securityflorinc
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating System
Meghaj Mallick
 
Linux security
Linux securityLinux security
Linux security
trilokchandra prakash
 
Reconnaissance
ReconnaissanceReconnaissance
Reconnaissance
n|u - The Open Security Community
 
system Security
system Security system Security
system Security
Gaurav Mishra
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
CAS
 
System hacking
System hackingSystem hacking
System hacking
CAS
 
OS Security 2009
OS Security 2009OS Security 2009
OS Security 2009
Deborah Obasogie
 
Introduction To Exploitation & Metasploit
Introduction To Exploitation & MetasploitIntroduction To Exploitation & Metasploit
Introduction To Exploitation & Metasploit
Raghav Bisht
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
Deepanshu Gajbhiye
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEthical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Eric Vanderburg
 
Network scanning
Network scanningNetwork scanning
Network scanning
oceanofwebs
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
Information Technology
 
Program security
Program securityProgram security
Program security
G Prachi
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
MLG College of Learning, Inc
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
OECLIB Odisha Electronics Control Library
 
18IF004_CNS.docx
18IF004_CNS.docx18IF004_CNS.docx
18IF004_CNS.docx
RajAmbere1
 
Operating systems 2
Operating systems 2Operating systems 2
Operating systems 2mariacalji
 

More Related Content

What's hot

Protection and security
Protection and securityProtection and security
Protection and security
mbadhi
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
NishaYadav177
 
Application Security
Application SecurityApplication Security
Application Securityflorinc
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating System
Meghaj Mallick
 
Linux security
Linux securityLinux security
Linux security
trilokchandra prakash
 
system Security
system Security system Security
system Security
Gaurav Mishra
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
CAS
 
System hacking
System hackingSystem hacking
System hacking
CAS
 
OS Security 2009
OS Security 2009OS Security 2009
OS Security 2009
Deborah Obasogie
 
Introduction To Exploitation & Metasploit
Introduction To Exploitation & MetasploitIntroduction To Exploitation & Metasploit
Introduction To Exploitation & Metasploit
Raghav Bisht
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
Deepanshu Gajbhiye
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
Nezar Alazzabi
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEthical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Eric Vanderburg
 
Network scanning
Network scanningNetwork scanning
Network scanning
oceanofwebs
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
Information Technology
 
Program security
Program securityProgram security
Program security
G Prachi
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
MLG College of Learning, Inc
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
OECLIB Odisha Electronics Control Library
 

What's hot (20)

Protection and security
Protection and securityProtection and security
Protection and security
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
 
Application Security
Application SecurityApplication Security
Application Security
 
Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating System
 
Linux security
Linux securityLinux security
Linux security
 
Reconnaissance
ReconnaissanceReconnaissance
Reconnaissance
 
system Security
system Security system Security
system Security
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
System hacking
System hackingSystem hacking
System hacking
 
OS Security 2009
OS Security 2009OS Security 2009
OS Security 2009
 
Introduction To Exploitation & Metasploit
Introduction To Exploitation & MetasploitIntroduction To Exploitation & Metasploit
Introduction To Exploitation & Metasploit
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEthical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
 
Network scanning
Network scanningNetwork scanning
Network scanning
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
 
Program security
Program securityProgram security
Program security
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 

Similar to Operating system security

18IF004_CNS.docx
18IF004_CNS.docx18IF004_CNS.docx
18IF004_CNS.docx
RajAmbere1
 
Operating systems 2
Operating systems 2Operating systems 2
Operating systems 2mariacalji
 
so big 22
so big 22so big 22
so big 22cainem
 
so big ppt
so big pptso big ppt
so big pptcainem
 
so big
so bigso big
so bigcainem
 
Total Security MAC User Guide
Total Security MAC User GuideTotal Security MAC User Guide
Total Security MAC User Guide
QUICK HEAL TECHNOLOGIES LIMITED
 
LESSON 2.pptx
LESSON 2.pptxLESSON 2.pptx
LESSON 2.pptx
EchelleOgatis
 
Desktop and Server Security
Desktop and Server SecurityDesktop and Server Security
Desktop and Server Security
Abhinit Kumar Sharma
 
Desktop and server securityse
Desktop and server securityseDesktop and server securityse
Desktop and server securityse
Appin Ara
 
Fixed: Slow Startup on Windows 10 HP Laptop
Fixed: Slow Startup on Windows 10 HP LaptopFixed: Slow Startup on Windows 10 HP Laptop
Fixed: Slow Startup on Windows 10 HP Laptop
Dash Milly
 
How to Troubleshoot QuickBooks Error 1303?
How to Troubleshoot QuickBooks Error 1303?How to Troubleshoot QuickBooks Error 1303?
How to Troubleshoot QuickBooks Error 1303?
nickmosan
 
Checking Windows for signs of compromise
Checking Windows for signs of compromiseChecking Windows for signs of compromise
Checking Windows for signs of compromise
Cal Bryant
 
Operating systems
Operating systemsOperating systems
Operating systems
sandrahezro
 
Remove Clickhoofind.com
Remove Clickhoofind.com Remove Clickhoofind.com
Remove Clickhoofind.com
kingh05
 
Security
SecuritySecurity
Security
Pooja Talreja
 
Cscu module 02 securing operating systems
Cscu module 02 securing operating systemsCscu module 02 securing operating systems
Cscu module 02 securing operating systemsSejahtera Affif
 
Optimize your computer for peak performance
Optimize your computer for peak performanceOptimize your computer for peak performance
Optimize your computer for peak performancepacampbell
 
Lab-12 Social Engineering and Physical Security The firs.docx
Lab-12 Social Engineering and Physical Security The firs.docxLab-12 Social Engineering and Physical Security The firs.docx
Lab-12 Social Engineering and Physical Security The firs.docx
pauline234567
 

Similar to Operating system security (20)

18IF004_CNS.docx
18IF004_CNS.docx18IF004_CNS.docx
18IF004_CNS.docx
 
Operating systems 2
Operating systems 2Operating systems 2
Operating systems 2
 
Windows 0.1
Windows 0.1Windows 0.1
Windows 0.1
 
so big 22
so big 22so big 22
so big 22
 
so big ppt
so big pptso big ppt
so big ppt
 
so big
so bigso big
so big
 
Total Security MAC User Guide
Total Security MAC User GuideTotal Security MAC User Guide
Total Security MAC User Guide
 
LESSON 2.pptx
LESSON 2.pptxLESSON 2.pptx
LESSON 2.pptx
 
Desktop and Server Security
Desktop and Server SecurityDesktop and Server Security
Desktop and Server Security
 
Desktop and server securityse
Desktop and server securityseDesktop and server securityse
Desktop and server securityse
 
Fixed: Slow Startup on Windows 10 HP Laptop
Fixed: Slow Startup on Windows 10 HP LaptopFixed: Slow Startup on Windows 10 HP Laptop
Fixed: Slow Startup on Windows 10 HP Laptop
 
How to Troubleshoot QuickBooks Error 1303?
How to Troubleshoot QuickBooks Error 1303?How to Troubleshoot QuickBooks Error 1303?
How to Troubleshoot QuickBooks Error 1303?
 
Checking Windows for signs of compromise
Checking Windows for signs of compromiseChecking Windows for signs of compromise
Checking Windows for signs of compromise
 
Operating systems
Operating systemsOperating systems
Operating systems
 
Remove Clickhoofind.com
Remove Clickhoofind.com Remove Clickhoofind.com
Remove Clickhoofind.com
 
Security
SecuritySecurity
Security
 
Cscu module 02 securing operating systems
Cscu module 02 securing operating systemsCscu module 02 securing operating systems
Cscu module 02 securing operating systems
 
Optimize your computer for peak performance
Optimize your computer for peak performanceOptimize your computer for peak performance
Optimize your computer for peak performance
 
Ransomware
RansomwareRansomware
Ransomware
 
Lab-12 Social Engineering and Physical Security The firs.docx
Lab-12 Social Engineering and Physical Security The firs.docxLab-12 Social Engineering and Physical Security The firs.docx
Lab-12 Social Engineering and Physical Security The firs.docx
 

Recently uploaded

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 

Recently uploaded (20)

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 

Operating system security

  • 1. Operating System Security O Rachel Jeewa O www.twitter.com/RachelJeewa 1
  • 3. Objective O Nowadays, as systems grow powerful , attacks on system grow more sophisticated. O Therefore, it is important that the system users secure the computer from threats. 3
  • 4. Threats to System Security O Virus A virus is a program that replicates by copying itself to other programs, system boot sectors or documents or applications. Some viruses can damage to your files by deleting or corrupting them. Some may display rude or strange message on the screen. Some can allow other people to access and control your computer. 4
  • 5.
  • 6. Trojan O A Trojan is a program that seems to legitimate but acts maliciously when executed. It can open direct entry point for attacker so attacker may use system’s resources such as hard disk spce. Spyware O Spyware includes Trojans and other malicious software that steals personal information from a system without user’s knowledge. 6
  • 7. Log-in Password Cracking 1.Guessing Password Guessing is trying different passwords until one works. 2.Shoulder Surfing Shoulder Surfing involves watching while someone types the password. 7
  • 8. Log-in Password Cracking 3. Social Engineering Social Engineering is tricking people to reveal their passwords or other information that can be used to guess a password. 4.Dictionary Attack Dictionary attack uses a pre-defined list of words to recover the password. This is likely to succeed when the password is short. Several password cracking programs are available on the internet. 8
  • 9. Guidelines for Windows OS Security 1.Lock the system when not in use It helps to secure the workstation from an unauthorized user. Method_ Selects the Window and L buttons together on the keyboard to lock the system. 2.Create strong user password A weak password does not offer an effective protection .Always use strong password e.g tEst@5#8* Method_ Control Panel User Accounts 9
  • 10. Guidelines for Windows OS Security 3.Disable the guest account Unwanted guest accounts can be exploited by attackers to gain entry in to the system. Method_ Click the Start button, right-click Computer from shortcut menu, and choose Manage. Go to Local Users and Groups Users. Double-click on Guest icon. In the Guest Properties window, check the box next to Account is disabled and click OK . 10
  • 11. Guidelines for Windows OS Security 4.Lock out unwanted guests Lock out unwanted guests by configuring the setting of the account lockout policy to limit the number of login attempts . Method_ click on Start button, Control Panel, And click Administrative Tools. Double click the Local Security Policy, click Account Policies, double-click the Account Lockout Policy, and double click Account Lockout Threshold. A the prompt, enter the number of invalid login (e.g 3). Click OK. 11
  • 12. Window Update in Window7 For Window OS, enable automatic updates to ensure that the OS is patched and up-todate. Method_ click Start , Control Panel and select System and Security. Select Windows Update Change Settings. Choose how Windows should updates and click OK. 12
  • 13. Pointers for Updates O Always patch the OS and applications to O O O O the latest patch levels. Ensure that patches are downloaded only from vendor site. Use patch management tools for easier updating . Several free tools are available. Do not send patches through email. Choose to be notified by the vendor about vulnerability announcements. 13
  • 14. Window Firewall O A firewall is software that guards the system from unwarranted traffic when connected to a network. Hackers can try to take advantage of programs running on the system and try to execute malicious code. Hacking tools such as Trojan can send information from the victim’s computer to the attacker’s computer. A firewall can detect this attack and block certain traffic . 14
  • 15. Configuring Window Firewall O Steps to configure window firewall include: Method_ Start Control Panel In the search box, type firewall and click Windows Firewall. In the left pane, click Turn Windows Firewall On or Off. Check the circles Turn On Windows Firewall. Click OK. 15
  • 16. Using NTFS O The NTFS file system provides better performance and security for data on hard disks and partitions than FAT file system. You can convert earlier FAT or FAT32 file system to NTFS by using the covert command. 16
  • 17. Using NTFS O Click Start and type cmd , right click Command Prompt and then click Run as Administrator. O In the Command Prompt, type covert drive_letter: /fs:ntfs , where drive_letter is the letter of the drive to be converted to NTFS. Then press Enter. O Type the name of the volume you want to convert and press enter.When the conversion complete restart the computer. O Note-Converting to NTFS does not affect the data. 17
  • 18. Windows EFS O Windows encryption file system(EFS) allows window7 user to encrypt files and folders. But encryption does not allow encryption on compressed or zipped files and system files. O Method_ right click on a file or folder to encrypt, select Properties on the General tab, and click the Advanced botton. Select Encrypt contents to secure data. Click OK to close the dialog box and click Apply O The encryption dialog box appears. Check either 18 of the two options and click OK.
  • 19. Decrypt A File Using EFS O To decrypt a encrypted folder or file- Right click on the folder or file to decrypt and select Properties. On the General tab, click the Advanced button. The Advanced Attributes box will appears. Uncheck Encrypt contents to secure data, click OK to close the dialog box, apply the settings and click OK. 19
  • 20. BitLocker O BitLocker drive encryption allows the entire volume of the system to be secured. Encrypted removable media can be decrypted and re-encrypted again. O Method_ click Start and click Computer. Right click on the drive and select the option Turn On BitLocker… 20
  • 21. Windows Security Tools 1.Microsoft Security Essentials http://www.microsoft.com 2.Keepass Password Safe Portable http://www.portableapps.com 3.Registry Mechanic http://www.pctools.com 21