Topic 1 - Introduction to Operating Systems Hardening.pptx
1.
Topic 1: Introduction to Operating Systems Hardening
Operating Systems Hardening (CY311)
2.
Course General Description
• This course examines network security principles and concepts from the perspective of the operating system (OS).
• Emphasis is on discovering vulnerabilities in standard operating systems that are targeted for attack.
• Focuses on the methods and countermeasures necessary to take a proactive stance to address security vulnerabilities.
• Students will examine hardening and security-related principles, practices, and policies to protect operating systems from security threats.
• It specifically addresses vulnerabilities and associated countermeasures for various operating systems and network devices.
3.
What is Information Security?
• Generally speaking, security means protecting your assets.
  ◦ This includes protection from attackers invading networks, natural disasters, vandalism, loss, or misuse.
• The main goal in information security is to prevent information loss and unauthorized disclosure.
• Today's information is most commonly stored in electronic form on computers (information systems).
• Information that is secure is simply serving the purpose for which it is intended, and is not being used for unintended purposes.
• Ensuring information is readily available and accessible for authorized use often makes restricting data from unauthorized use more difficult; thus, most information security decisions require careful thought to ensure balance between security and availability.
4.
Tenets of Information Security: The C-I-A Triad
The Confidentiality, Integrity, and Availability (CIA) triad represents three primary concepts in information security.
• Confidentiality: The assurance that information cannot be accessed or viewed by unauthorized users.
  ◦ Example: Protecting a personal identification number (PIN) when withdrawing money from an ATM, or a bank maintaining the confidentiality of account numbers and balances.
• Integrity: The assurance that information cannot be changed by unauthorized users.
  ◦ The goal is to protect information from unauthorized changes, which extends to the application software development process.
• Availability: The assurance that information is available to authorized users in an acceptable timeframe when requested.
  ◦ Many attacks, such as Denial of Service (DoS) attacks, focus on denying availability and can negatively impact business functions.
• Each of these tenets interacts and, in some cases, may cause conflict with the others.
5.
Expanding the Security Model: The Parkerian Hexad
• The Parkerian hexad expands on the CIA triad by adding three more principles:
• Confidentiality, Integrity, and Availability: Included with the same definitions as the CIA triad.
• Possession or Control: Refers to the physical disposition of the media on which data is stored.
  ◦ Example: If a shipment of backup tapes is lost, even if encrypted, it's a possession problem. If unencrypted, it's both a possession and confidentiality problem.
• Authenticity: Ensures the origin and genuineness of data.
  ◦ Example: Confirming that valid payment and customer information belongs to the individual conducting a transaction.
• Utility: Describes the usefulness of data.
  ◦ Example: Invalid or incorrect data will have limited utility.
6.
Key Concepts: Threats, Vulnerabilities, and Risk
• To speak more specifically about attacks, it's important to understand these terms:
• Threat: Something that has the potential to cause harm.
  ◦ Threats are often specific to certain environments (e.g., a Windows virus is unlikely to affect a Linux operating system).
• Vulnerability: Weaknesses, or holes, that threats can exploit to cause harm.
  ◦ Examples include a specific operating system or application, the physical location of an office building, or a data center producing too much heat.
• Risk: The likelihood that something bad will happen.
  ◦ For a risk to exist, there must be both a threat and a vulnerability that the threat could exploit.
  ◦ Example: A wooden structure (vulnerability) near a fire (threat) definitely poses a risk.
7.
Operating System Hardening - Initial Course Content Topics
• The course "Operating Systems Hardening" (CY311) will cover these essential topics early on:
  ◦ Secure Installation (5 Contact Hours): Defining the fundamental concepts for secure installation.
  ◦ Removing Unnecessary Components (5 Contact Hours): Addressing vulnerabilities by removing unneeded components, services, and ports.
  ◦ File System Maintenance: Isolation of Sensitive Data (5 Contact Hours): Protecting critical data through proper file system management.
  ◦ User Restrictions: Access and Authorizations (7 Contact Hours): Implementing controls to manage user access and authorizations.
8.
Course Learning Outcomes (CLOs) for this Session
• Upon completing this session, you should be able to:
  ◦ Define the fundamental concepts for secure installation (CLO 1.1).
  ◦ Understand the core concepts of information security, including the CIA triad and Parkerian hexad.
  ◦ Distinguish between threats, vulnerabilities, and risk in an information security context.
  ◦ Gain an initial understanding of operating system hardening principles.