SlideShare a Scribd company logo

Windows Security

Download as PPTX, PDF
P
Pooja Talreja

This will give an overview about how operating system works and how security is provided in Windows OS.

1 of 57
1
2 CONTENTS  STRUCTURE OF OS  WINDOWS SECURITY  CREATING USERS AND GROUPS  ACHIEVING SECURITY USING ArcGIS SERVER  PERMISSIONS  HOTFIX  PATCHES
3
STRUCTURE OF OS 4
FUNCTIONS OF KERNEL OSs provide environments in which programs run, and services for the users of the system, including: User Interfaces - Means by which users can issue commands to the system.  Program Execution - The OS must be able to load a program into RAM, run the program, and terminate the program, either normally or abnormally.  I/O Operations - The OS is responsible for transferring data to and from I/O devices, including keyboards, terminals, printers, and storage devices.  File-System Manipulation - In addition to raw data storage, the OS is also responsible for maintaining directory and subdirectory structures.  Communications - Inter-process communications, IPC, either between processes running on the same processor, or between processes running on separate processors or separate machines. 5
CONTINUE… Error Detection Resource Allocation - E.g. CPU cycles, main memory, storage space, and peripheral devices.  Accounting - Keeping track of system activity and resource usage.  Protection and Security - Preventing harm to the system and to resources, either through wayward internal processes or malicious outsiders. 6
User Operating-System Interface 1. Command Interpreter Gets and processes the next user request, and launches the requested programs. 2. Graphical User Interface, GUI Generally implemented as a desktop metaphor, with file folders, trash cans, and resource icons. Icons represent some item on the system, and respond accordingly when the icon is activated. 7
GRAPHICAL USER INTERFACE 8
Choice of interface Most modern systems allow individual users to select their desired interface, and to customize its operation, as well as the ability to switch between different interfaces as needed. System administrators generally determine which interface a user starts with when they first log in. SYSTEM CALLS System calls provide a means for user or application programs to call upon the services of the operating system. Generally written in C or C++, although some are written in assembly for optimal performance. 9
ILLUSTRATION OF SYSTEM CALL 10
Types of System Calls  PROCESS CONTROL: Process control system calls include end, abort, load, execute, create process, terminate process, get/set process attributes, wait for time or event, signal event, and allocate and free memory. 11
12  FILE MANAGEMENT: File management system calls include create file, delete file, open, close, read, write, reposition, get file attributes, and set file attributes.
13  DEVICE MANAGEMENT: Device management system calls include request device, release device, read, write, reposition, get/set device attributes, and logically attach or detach devices.
 INFORMATION MAINTENANCE: Information maintenance system calls include calls to get/set the time, date, system data, and process, file, or device attributes. 14
15  COMMUNICATIONS: Communication system calls create/delete communication connection, send/receive messages, transfer status information, and attach/detach remote devices.
 PROTECTION: Protection provides mechanisms for controlling which users / processes have access to which system resources. 16
17
18 System Programs  System programs provide OS functionality through separate applications, which are not part of the kernel or command interpreters.  They are also known as system utilities or system applications.  Most systems also ship with useful applications such as calculators and simple editors, ( e.g. Notepad ).
19 System programs may be divided into these categories:  File management - programs to create, delete, copy, rename, print, list, and generally manipulate files and directories.  Status information - Utilities to check on the date, time, number of users, processes running, data logging, etc.  File modification - e.g. text editors and other tools which can change file contents.  Programming-language support - E.g. Compilers, linkers, debuggers, profilers, assemblers, library archive management, interpreters for common languages, and support for make.
20 CONTINUE…  Program loading and execution - loaders, dynamic loaders, overlay loaders, etc., as well as interactive debuggers.  Communications - Programs for providing connectivity between processes and users, including mail, web browsers, remote logins, file transfers, and remote command execution.  Background services - Examples include network daemons, print servers, process schedulers, and system error monitoring services.  Most operating systems today also come complete with a set of application programs to provide additional services, such as copying files or checking the time and date.
21 Using Windows Security Center Windows Security Center can help enhance your computer's security by checking the status of several security essentials on your computer, including firewall settings, Windows automatic updating, anti-malware software settings, Internet security settings, and User Account Control settings. If Windows detects a problem with any of these security essentials (for example, if your antivirus program is out of date), Security Center displays a notification and places a Security Center icon in the notification area. Click the notification or double-click the Security Center icon to open Security Center and get information about how to fix the problem.
22 Windows Security Center
23 Firewall A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers. Windows checks if your computer is protected by a software firewall. If the firewall is off, Security Center will display a notification and put a Security Center icon in the notification area. To turn on Windows Firewall 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center. 2. Click Firewall, and then click Turn on now. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
24 Automatic updating Windows can routinely check for updates for your computer and install them automatically. You can use Security Center to make sure Automatic updating is turned on. If updating is turned off, Security Center will display a notification and put a Security Center icon in the notification area. To turn on automatic updating 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center 2. Click Automatic updating, and then click Turn on now. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
25
26 Malicious software protection Malicious software (malware) protection can help protect your computer against viruses, spyware, and other security threats. Security Center checks if your computer is using up-to-date antispyware and antivirus software. If your antivirus or antispyware software is turned off or out of date, Security Center will display a notification and put a Security Center icon in the notification area. To install or update your anti-malware software 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center. 2. Click Malware protection, click the button under Virus protection or Spyware and other malware protection, and then choose the option that you want.
27 Other security settings Windows checks your Internet security settings and User Account Control settings to make sure they are set at the recommended levels. If your Internet or User Account Control settings are changed to a security level that is not recommended, Security Center will display a notification and put a Security Center icon in the notification area. To restore Internet settings to recommended levels 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center. 2. Click Other security settings. 3. Under Internet security settings, click Restore settings.
28 4. Do one of the following:  To automatically reset the Internet security settings that are at risk to their default level, click Restore my Internet security settings now.  To reset the Internet security settings yourself, click I want to restore my Internet security settings myself. Click the security zone you want to change settings for, and then click Custom level. To restore User Account Control settings to recommended levels 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center. 2. Click Other security settings. 3. Under User Account Control, click Turn on now. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
CREATING USER IN WINDOWS With user accounts, several people can easily share a single computer. Each person can have a separate user account with unique settings and preferences, such as a desktop background or screen saver. User accounts control which files and programs users can access and what types of changes users can make to the computer. Typically, you'll want to create standard accounts for most computer users. 29
30 Add users and groups with operating system tools In order to assign permissions based on Windows users and groups, you may need to add users and groups to your system. 1. To add users and groups to the local Web server, go to Start - Control Panel - Administrative Tools - Computer Management (alternatively, right-click on the My Computer icon on the Desktop, and click Manage). In the Computer Management console, expand if necessary the System Tools and then Local Users and Groups. Click the Users folder to view the list of users. In Windows Vista or Server 2008, go instead to Start – Control Panel - Administrative Tools - Server Manager. In the Server Manager, expand Configuration and then Local Users and Groups. Click the Users folder to view the list of users.
31 2. Right-click on the Users folder and choose New User... The New User dialog opens. 3. Enter the user name, for example, walkthrough1. Enter a password and confirm it (for example, walkthrough1). You may uncheck the requirement that the user must change password at next logon. Set other options as desired, then click Create.
32 4. Add at least one other user, for example, walkthrough2. Close the New User dialog. 5. Right-click on the Groups folder in the Computer Management (or Server Manager) tree, and choose New Group... The New Group dialog opens. 6. Enter the group name, for example, WTGroup1. Optionally add a description. To add members to the group:  Under the Members area, click Add... The Select Users, Computer or Groups dialog opens.  In the Select Users dialog, click the Locations... button, and in the popup dialog, select the local computer's name and click OK.  Back in the Select Users dialog, under the Enter the object names to select box, type the name of the first user added above (walkthrough1).
Click Check Names to verify the user exists (if necessary, click the Advanced button, then Find Now to list all users; you can select the user from this list).  Click OK to close the Select Users dialog and return to the Add Group dialog. The New Group dialog now lists the user you selected. 33
34 7. Click Create to create the new group. 8. Create one more group, for example, WTGroup2, adding the second user created above (walkthrough2). Then close the New Group dialog. You may also close the Computer Management console.
35 Configure the user and role location in ArcGIS SERVER In order to assign permissions for Web applications and services, you must first tell ArcGIS Server where your users and roles are stored. In this walkthrough, users are operating system accounts on the Web server or on the domain, and roles are Windows groups on the Web server or domain. 1. Start ArcGIS Server Manager and log in. 2. In Manager, expand the Security panel and click Settings. 3. Click the Change button (do this even if the Location already indicates Windows users and groups; the wizard performs additional essential configuration steps).
36 4. In the dialog that opens for location for Users, choose Windows users. Click Next.
5. In the panel for Role store location for users, click Windows groups. Click Finish. The wizard will dismiss and the Location box will read Windows Users and Groups. 37 Notice that security for services is set to Not Enabled. Do not enable security at this point. You will enable security in the last step in this walkthrough. Enabling security is the last step because you first need to set permissions for your Web services. Once security is enabled, only users whose roles you have permitted can access the GIS Web services.
38 View Users and Roles When your users and roles are Windows users and groups, you may view them in Manager. To add, edit or delete users or groups, you must use Windows operating system tools. 1. In Manager, click the Security tab on the left side, then click Users. The Users panel will display a list of users on the local Web server.
39 2. If you have more users than can be displayed in a single panel, click the >> to display additional users. You can also enter part or all of a user name in the Show: box near the top of the panel and click Find to filter the list of users. 3. To view a user's group membership, click the plus symbol next to the name. The list will show the groups of which the user is a member on the local system. 4. If the computer is a member of a domain, you can view users on the domain by clicking the Domain radio button for Show users on. You can then view domain group membership for these users (the list will not show membership in local system groups). 5. View roles by clicking Roles in the Manager Security tab. In this case, the list displays Windows groups on the local Web server. If the computer is a member of a domain, you may click Domain to see groups in the domain. You can page between lists of groups or filter/search for groups as with the Users dialog.
40 6. Click the plus button next to a group to view the users who are members of the group.
41 Secure a Web application Now you will secure a Web application by limiting access to designated roles (in this case, Windows groups). The final sections of this walkthrough will accomplish this goal. 1. Create a new Web application in Manager. The application may be simple, with just a map service and no extra tools or tasks. You may follow the Creating a Web Application Tutorial if you need to create an application. If you have installed an SSL certificate on the Web server, then when creating the application, you may want to set the application to use https (in the application wizard, use the Advanced option on the first panel). You may use an existing application, but all users of the application will be required to log in as a user in a role you permit during the walkthrough. 2. In Manager, click Applications to list the Web applications. Find the application you want to secure in the list. In the Permissions column, you will notice the unlocked icon . This indicates that the application is not restricted, so that users currently are not required to log in.
42 3. Click the permissions icon , which displays the Permissions dialog for the Web application. 4. Check the box for Enable security for this web application. This enables the lists of available and allowed roles. 5. If you wish to allow roles based on domain groups, click the Domain option under Show roles on. Otherwise click Local server to see groups on the local machine. You can add both domain and local groups as allowed roles. 6. Highlight the WTGroup1 role (or other role you added above) in the Available Roles list. Click the Add> button to add it to the list of Allowed Roles. Optionally, add other roles to the allowed list.
43 7. Click Save to save the permissions and return to the list of applications. Notice that the permissions icon changes to a locked appearance, which shows that it now requires a login to access the application.
44 8. Set the authentication method for the application using IIS Manager: (a) Open IIS Manager by going to Start - Settings - Control Panel - Administrative Tools - Internet Information Services Manager. (b) Expand the left-hand tree of IIS Manager, under Web Sites or Sites, to find Default Web Site, then expand Default Web Site to find the Web application you just secured. (c) On Windows XP or Server 2003: (1) Right-click on the Web application and click Properties in the context menu. The Properties dialog opens for the application.
(2) In the Properties dialog, click the Directory Security tab. In this panel, under Anonymous access and authentication control, click Edit... The Authentication Methods dialog opens. 45
46 (3) In the Authentication Methods dialog, uncheck the Anonymous access box. Then check at least one of the methods under Authenticated access. For the demonstration purposes of this walkthrough, you may choose Basic authentication (click Yes if a warning message appears). (4) Click OK to dismiss the Authentication Methods dialog and return to the application's Properties dialog.
47 (d) If you have installed a SSL certificate on your Web server, you can require https when using the application. This will protect the login when the authentication method is set to Basic. (e) To require https on Windows XP or Server 2003: in the Properties dialog for the application, click the Directory Security tab. In the Secure communications area of this panel, click Edit... (if this button is disabled, then no SSL certificate is installed). In the Secure Communications dialog, click Require secure channel (SSL). Click OK to save the setting. Click OK to close the Properties dialog.
48 Permissions for files and folders Folder permissions include Full Control, Modify, Read & Execute, List Folder Contents, Read, and Write. Each of these permissions consists of a logical group of special permissions that are listed and defined in the following sections.
49 File and folder special permissions Special Permissions Full Control Modify Read & Execu-te List folder contents Read Write Traverse Folder/ Execute File YES YES YES YES NO NO List Folder/Read Data YES YES YES YES YES NO Read Attributes YES YES YES YES YES NO Read Extended Attributes YES YES YES YES YES NO Create Files/Write Data YES YES NO NO NO YES
50 Special Permissions Full Control CONTINUE… Modify Read & Execu-te List folder contents Read Write Create Folders/ Append Data YES YES NO NO NO YES Write Attributes YES YES NO NO NO YES Write Extended Attributes YES YES NO NO NO YES Delete Subfolders and Files YES NO NO NO NO NO Delete YES YES NO NO NO NO
51 Special Permissions Full Control CONTINUE… Modify Read & Execu-te List folder contents Read Write Read Permissions YES YES YES YES YES YES Change Permissions YES NO NO NO NO NO Take Ownership YES NO NO NO NO NO Synchronize YES YES YES YES YES YES
HOTFIX A hotfix is code (sometimes called a patch) that fixes a bug in a product. Users of the products may be notified by e-mail or obtain information about current hotfixes at a software vendor's Web site and download the hotfixes they wish to apply. Hotfixes are sometimes packaged as a set of fixes called a combined hotfix or a service packs. Quick fix engineering (QFE) is a newer Microsoft term for a hotfix. 52
53 PATCH  An application that has been installed using the Microsoft Windows Installer can be upgraded by reinstalling an updated installation package (.msi file), or by applying a Windows Installer patch (an .msp file) to the application.  A Windows Installer patch (.msp file) is a self-contained package that contains the updates to the application and describes which versions of the application can receive the patch.  Patches contain at a minimum, two database transforms and can contain patch files that are stored in the cabinet file stream of the patch package.  Servicing applications by delivering a Windows Installer patch, rather than a complete installation package for the updated product can have advantages.
54 CONTINUE…  A patch can contain an entire file or only the file bits necessary to update part of the file. This can enable the user to download an upgrade patch that is much smaller than the installation package for the entire product.  An update using a patch can preserve a user customization of the application through the upgrade.  Patch takes a patch file containing a difference listing produced by diff and applies those differences to one or more original files, producing patched versions.
55 REFERENCE •http://www.cs.uic.edu/~jbell/CourseNotes/OperatingSystems/ 2_Structures.html • http://windows.microsoft.com/en-in/windows-vista/using-windows- security-center •http://webhelp.esri.com/arcgisserver/9.3/dotnet/index.htm# walkthrough_windows.htm • http://support.microsoft.com/kb/308419 • http://en.wikipedia.org/wiki/Hotfix • http://msdn.microsoft.com/en-us/ library/aa370578(v=vs.85).aspx
56 PRESENTED BY:  POOJA TALREJA  SIMRAN RAJPAL UNDER GUIDANCE OF: MANOJ KAVEDIA SIR
57

Recommended

Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating System
Meghaj Mallick
 
Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5AfiqEfendy Zaen
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
Network management and security
Network management and securityNetwork management and security
Network management and security
Ankit Bhandari
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of Malware
Natraj G
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
itmind4u
 
DLL(dynamic link library)
DLL(dynamic link library)DLL(dynamic link library)
DLL(dynamic link library)
pooja_doshi
 
Administering security
Administering securityAdministering security
Administering security
G Prachi
 

Recommended

Windows Security in Operating System
Windows Security in Operating SystemWindows Security in Operating System
Windows Security in Operating System
Meghaj Mallick
 
Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5AfiqEfendy Zaen
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
Network management and security
Network management and securityNetwork management and security
Network management and security
Ankit Bhandari
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of Malware
Natraj G
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
itmind4u
 
DLL(dynamic link library)
DLL(dynamic link library)DLL(dynamic link library)
DLL(dynamic link library)
pooja_doshi
 
Administering security
Administering securityAdministering security
Administering security
G Prachi
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Program security
Program securityProgram security
Program security
G Prachi
 
Malware
MalwareMalware
Malware
Anoushka Srivastava
 
Linux security
Linux securityLinux security
Linux security
trilokchandra prakash
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Sam Bowne
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
Nikhil Raj
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System Administration
Duressa Teshome
 
Security and Linux Security
Security and Linux SecuritySecurity and Linux Security
Security and Linux Security
Rizky Ariestiyansyah
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best Practices
Maxime ALAY-EDDINE
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Dheeraj Kataria
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
Rick Wanner
 
Malware Static Analysis
Malware Static AnalysisMalware Static Analysis
Malware Static Analysis
Hossein Yavari
 
Introduction to filesystems and computer forensics
Introduction to filesystems and computer forensicsIntroduction to filesystems and computer forensics
Introduction to filesystems and computer forensics
Mayank Chaudhari
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
hruth
 
Windowsforensics
WindowsforensicsWindowsforensics
WindowsforensicsSantosh Khadsare
 
Information Security Principles - Access Control
Information Security Principles - Access ControlInformation Security Principles - Access Control
Information Security Principles - Access Control
idingolay
 
Operating system security
Operating system securityOperating system security
Operating system securitySarmad Makhdoom
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Windows security context
Windows security contextWindows security context
Windows security context
InGuen Hwang
 
Security in windows azure
Security in windows azureSecurity in windows azure
Security in windows azure
Patriek van Dorp
 

More Related Content

What's hot

Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Program security
Program securityProgram security
Program security
G Prachi
 
Malware
MalwareMalware
Malware
Anoushka Srivastava
 
Linux security
Linux securityLinux security
Linux security
trilokchandra prakash
 
Operating system security
Operating system securityOperating system security
Operating system security
Ramesh Ogania
 
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Sam Bowne
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
Nikhil Raj
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System Administration
Duressa Teshome
 
Security and Linux Security
Security and Linux SecuritySecurity and Linux Security
Security and Linux Security
Rizky Ariestiyansyah
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best Practices
Maxime ALAY-EDDINE
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Dheeraj Kataria
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
Rick Wanner
 
Malware Static Analysis
Malware Static AnalysisMalware Static Analysis
Malware Static Analysis
Hossein Yavari
 
Introduction to filesystems and computer forensics
Introduction to filesystems and computer forensicsIntroduction to filesystems and computer forensics
Introduction to filesystems and computer forensics
Mayank Chaudhari
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
hruth
 
Information Security Principles - Access Control
Information Security Principles - Access ControlInformation Security Principles - Access Control
Information Security Principles - Access Control
idingolay
 
Operating system security
Operating system securityOperating system security
Operating system securitySarmad Makhdoom
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 

What's hot (20)

Operating system security
Operating system securityOperating system security
Operating system security
 
Program security
Program securityProgram security
Program security
 
Malware
MalwareMalware
Malware
 
Linux security
Linux securityLinux security
Linux security
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System Administration
 
Security and Linux Security
Security and Linux SecuritySecurity and Linux Security
Security and Linux Security
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer Security
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best Practices
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
Malware Static Analysis
Malware Static AnalysisMalware Static Analysis
Malware Static Analysis
 
Introduction to filesystems and computer forensics
Introduction to filesystems and computer forensicsIntroduction to filesystems and computer forensics
Introduction to filesystems and computer forensics
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
 
Windowsforensics
WindowsforensicsWindowsforensics
Windowsforensics
 
Information Security Principles - Access Control
Information Security Principles - Access ControlInformation Security Principles - Access Control
Information Security Principles - Access Control
 
Operating system security
Operating system securityOperating system security
Operating system security
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 

Viewers also liked

Windows security context
Windows security contextWindows security context
Windows security context
InGuen Hwang
 
Security in windows azure
Security in windows azureSecurity in windows azure
Security in windows azure
Patriek van Dorp
 
Ethical hacking & Information Security
Ethical hacking & Information SecurityEthical hacking & Information Security
Ethical hacking & Information Security
Ajay Dhamija
 
IS Security Presentation
IS Security PresentationIS Security Presentation
IS Security Presentation
Renjith K P
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your Vulnerabilities
Jack Nichelson
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Twobackdoor
 
12 Crucial Windows Security Skills for 2017
12 Crucial Windows Security Skills for 201712 Crucial Windows Security Skills for 2017
12 Crucial Windows Security Skills for 2017
Paula Januszkiewicz
 
Windows 7 Security
Windows 7 SecurityWindows 7 Security
Windows 7 Security
Jorge Orchilles
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Neha Gupta
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Jan Ketil Skanke
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
PaloAltoNetworks
 
NTFS file system
NTFS file systemNTFS file system
NTFS file system
Ravi Yasas
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating system
Abou Bakr Ashraf
 
Transmission media
Transmission mediaTransmission media
Transmission media
kinish kumar
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
Ahmed Moussa
 

Viewers also liked (16)

Windows security context
Windows security contextWindows security context
Windows security context
 
Security in windows azure
Security in windows azureSecurity in windows azure
Security in windows azure
 
Ethical hacking & Information Security
Ethical hacking & Information SecurityEthical hacking & Information Security
Ethical hacking & Information Security
 
IS Security Presentation
IS Security PresentationIS Security Presentation
IS Security Presentation
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your Vulnerabilities
 
Ne Course Part Two
Ne Course Part TwoNe Course Part Two
Ne Course Part Two
 
12 Crucial Windows Security Skills for 2017
12 Crucial Windows Security Skills for 201712 Crucial Windows Security Skills for 2017
12 Crucial Windows Security Skills for 2017
 
Windows 7 Security
Windows 7 SecurityWindows 7 Security
Windows 7 Security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
 
NTFS file system
NTFS file systemNTFS file system
NTFS file system
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating system
 
Network security
Network securityNetwork security
Network security
 
Transmission media
Transmission mediaTransmission media
Transmission media
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 

Similar to Windows Security

1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
eugeniadean34240
 
Unit III - Basics of Computer Science
Unit III - Basics of Computer ScienceUnit III - Basics of Computer Science
Unit III - Basics of Computer ScienceHepsijeba
 
installing and optimizing operating system software
installing and optimizing operating system software installing and optimizing operating system software
installing and optimizing operating system software
Jaleto Sunkemo
 
system Security
system Security system Security
system Security
Gaurav Mishra
 
Software.pptx
Software.pptxSoftware.pptx
Software.pptx
RabiaAsif31
 
Chp 03 pti - (shared) up
Chp 03 pti - (shared) upChp 03 pti - (shared) up
Chp 03 pti - (shared) up
YUSRA FERNANDO
 
Chp 03 - Software PTI - (Shared).pdf
Chp 03 - Software PTI - (Shared).pdfChp 03 - Software PTI - (Shared).pdf
Chp 03 - Software PTI - (Shared).pdf
YUSRA FERNANDO
 
Os lecture 6
Os lecture 6Os lecture 6
Os lecture 6
Dr. Ahmed J. Obaid
 
As media studies software and systems presentation
As media studies software and systems presentationAs media studies software and systems presentation
As media studies software and systems presentation
paddy249
 
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and Reporting
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and ReportingSYMANTEC ENDPOINT PROTECTION Advanced Monitoring and Reporting
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and Reporting
Dsunte Wilson
 
3 windowssecurity
3 windowssecurity3 windowssecurity
3 windowssecurityricharddxd
 
Chapter -2 Operating-System and its Structures
Chapter -2 Operating-System and its StructuresChapter -2 Operating-System and its Structures
Chapter -2 Operating-System and its Structures
Chandrakant Divate
 
Operating systems system structures
Operating systems system structuresOperating systems system structures
Operating systems system structures
Mukesh Chinta
 
What is Operating System, Utility program,virus and anti_virus
What is Operating System, Utility program,virus and anti_virusWhat is Operating System, Utility program,virus and anti_virus
What is Operating System, Utility program,virus and anti_virus
mudasserakram
 
ch1.ppt
ch1.pptch1.ppt
ch1.ppt
VandanaGaria
 
Basic Software.pptx
Basic Software.pptx Basic Software.pptx
Basic Software.pptx
NiloyHasan12
 
Vista Presentation
Vista PresentationVista Presentation
Vista Presentation
sdrayin
 

Similar to Windows Security (20)

1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
1RUNNING HEAD MANAGING HOST BASED SECURITY IN WINDOWS 8.1La.docx
 
Unit III - Basics of Computer Science
Unit III - Basics of Computer ScienceUnit III - Basics of Computer Science
Unit III - Basics of Computer Science
 
installing and optimizing operating system software
installing and optimizing operating system software installing and optimizing operating system software
installing and optimizing operating system software
 
system Security
system Security system Security
system Security
 
Software.pptx
Software.pptxSoftware.pptx
Software.pptx
 
Chp 03 pti - (shared) up
Chp 03 pti - (shared) upChp 03 pti - (shared) up
Chp 03 pti - (shared) up
 
Chp 03 - Software PTI - (Shared).pdf
Chp 03 - Software PTI - (Shared).pdfChp 03 - Software PTI - (Shared).pdf
Chp 03 - Software PTI - (Shared).pdf
 
Os lecture 6
Os lecture 6Os lecture 6
Os lecture 6
 
As media studies software and systems presentation
As media studies software and systems presentationAs media studies software and systems presentation
As media studies software and systems presentation
 
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and Reporting
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and ReportingSYMANTEC ENDPOINT PROTECTION Advanced Monitoring and Reporting
SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and Reporting
 
3 windowssecurity
3 windowssecurity3 windowssecurity
3 windowssecurity
 
Ch11 system administration
Ch11 system administration Ch11 system administration
Ch11 system administration
 
Ch11
Ch11Ch11
Ch11
 
OwnYIT CSAT + SIEM
OwnYIT CSAT + SIEMOwnYIT CSAT + SIEM
OwnYIT CSAT + SIEM
 
Chapter -2 Operating-System and its Structures
Chapter -2 Operating-System and its StructuresChapter -2 Operating-System and its Structures
Chapter -2 Operating-System and its Structures
 
Operating systems system structures
Operating systems system structuresOperating systems system structures
Operating systems system structures
 
What is Operating System, Utility program,virus and anti_virus
What is Operating System, Utility program,virus and anti_virusWhat is Operating System, Utility program,virus and anti_virus
What is Operating System, Utility program,virus and anti_virus
 
ch1.ppt
ch1.pptch1.ppt
ch1.ppt
 
Basic Software.pptx
Basic Software.pptx Basic Software.pptx
Basic Software.pptx
 
Vista Presentation
Vista PresentationVista Presentation
Vista Presentation
 

Recently uploaded

How to Split Bills in the Odoo 17 POS Module
How to Split Bills in the Odoo 17 POS ModuleHow to Split Bills in the Odoo 17 POS Module
How to Split Bills in the Odoo 17 POS Module
Celine George
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
Instructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptxInstructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptx
Jheel Barad
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
kaushalkr1407
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
Balvir Singh
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
GeoBlogs
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumers
PedroFerreira53928
 
Polish students' mobility in the Czech Republic
Polish students' mobility in the Czech RepublicPolish students' mobility in the Czech Republic
Polish students' mobility in the Czech Republic
Anna Sz.
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
RaedMohamed3
 
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
AzmatAli747758
 
PART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePART A. Introduction to Costumer Service
PART A. Introduction to Costumer Service
PedroFerreira53928
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
MIRIAMSALINAS13
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
The Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonThe Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve Thomason
Steve Thomason
 

Recently uploaded (20)

How to Split Bills in the Odoo 17 POS Module
How to Split Bills in the Odoo 17 POS ModuleHow to Split Bills in the Odoo 17 POS Module
How to Split Bills in the Odoo 17 POS Module
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
Instructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptxInstructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptx
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumers
 
Polish students' mobility in the Czech Republic
Polish students' mobility in the Czech RepublicPolish students' mobility in the Czech Republic
Polish students' mobility in the Czech Republic
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
 
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
Cambridge International AS A Level Biology Coursebook - EBook (MaryFosbery J...
 
PART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePART A. Introduction to Costumer Service
PART A. Introduction to Costumer Service
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
The Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonThe Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve Thomason
 

Windows Security

  • 1. 1
  • 2. 2 CONTENTS  STRUCTURE OF OS  WINDOWS SECURITY  CREATING USERS AND GROUPS  ACHIEVING SECURITY USING ArcGIS SERVER  PERMISSIONS  HOTFIX  PATCHES
  • 3. 3
  • 5. FUNCTIONS OF KERNEL OSs provide environments in which programs run, and services for the users of the system, including: User Interfaces - Means by which users can issue commands to the system.  Program Execution - The OS must be able to load a program into RAM, run the program, and terminate the program, either normally or abnormally.  I/O Operations - The OS is responsible for transferring data to and from I/O devices, including keyboards, terminals, printers, and storage devices.  File-System Manipulation - In addition to raw data storage, the OS is also responsible for maintaining directory and subdirectory structures.  Communications - Inter-process communications, IPC, either between processes running on the same processor, or between processes running on separate processors or separate machines. 5
  • 6. CONTINUE… Error Detection Resource Allocation - E.g. CPU cycles, main memory, storage space, and peripheral devices.  Accounting - Keeping track of system activity and resource usage.  Protection and Security - Preventing harm to the system and to resources, either through wayward internal processes or malicious outsiders. 6
  • 7. User Operating-System Interface 1. Command Interpreter Gets and processes the next user request, and launches the requested programs. 2. Graphical User Interface, GUI Generally implemented as a desktop metaphor, with file folders, trash cans, and resource icons. Icons represent some item on the system, and respond accordingly when the icon is activated. 7
  • 9. Choice of interface Most modern systems allow individual users to select their desired interface, and to customize its operation, as well as the ability to switch between different interfaces as needed. System administrators generally determine which interface a user starts with when they first log in. SYSTEM CALLS System calls provide a means for user or application programs to call upon the services of the operating system. Generally written in C or C++, although some are written in assembly for optimal performance. 9
  • 11. Types of System Calls  PROCESS CONTROL: Process control system calls include end, abort, load, execute, create process, terminate process, get/set process attributes, wait for time or event, signal event, and allocate and free memory. 11
  • 12. 12  FILE MANAGEMENT: File management system calls include create file, delete file, open, close, read, write, reposition, get file attributes, and set file attributes.
  • 13. 13  DEVICE MANAGEMENT: Device management system calls include request device, release device, read, write, reposition, get/set device attributes, and logically attach or detach devices.
  • 14.  INFORMATION MAINTENANCE: Information maintenance system calls include calls to get/set the time, date, system data, and process, file, or device attributes. 14
  • 15. 15  COMMUNICATIONS: Communication system calls create/delete communication connection, send/receive messages, transfer status information, and attach/detach remote devices.
  • 16.  PROTECTION: Protection provides mechanisms for controlling which users / processes have access to which system resources. 16
  • 17. 17
  • 18. 18 System Programs  System programs provide OS functionality through separate applications, which are not part of the kernel or command interpreters.  They are also known as system utilities or system applications.  Most systems also ship with useful applications such as calculators and simple editors, ( e.g. Notepad ).
  • 19. 19 System programs may be divided into these categories:  File management - programs to create, delete, copy, rename, print, list, and generally manipulate files and directories.  Status information - Utilities to check on the date, time, number of users, processes running, data logging, etc.  File modification - e.g. text editors and other tools which can change file contents.  Programming-language support - E.g. Compilers, linkers, debuggers, profilers, assemblers, library archive management, interpreters for common languages, and support for make.
  • 20. 20 CONTINUE…  Program loading and execution - loaders, dynamic loaders, overlay loaders, etc., as well as interactive debuggers.  Communications - Programs for providing connectivity between processes and users, including mail, web browsers, remote logins, file transfers, and remote command execution.  Background services - Examples include network daemons, print servers, process schedulers, and system error monitoring services.  Most operating systems today also come complete with a set of application programs to provide additional services, such as copying files or checking the time and date.
  • 21. 21 Using Windows Security Center Windows Security Center can help enhance your computer's security by checking the status of several security essentials on your computer, including firewall settings, Windows automatic updating, anti-malware software settings, Internet security settings, and User Account Control settings. If Windows detects a problem with any of these security essentials (for example, if your antivirus program is out of date), Security Center displays a notification and places a Security Center icon in the notification area. Click the notification or double-click the Security Center icon to open Security Center and get information about how to fix the problem.
  • 23. 23 Firewall A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers. Windows checks if your computer is protected by a software firewall. If the firewall is off, Security Center will display a notification and put a Security Center icon in the notification area. To turn on Windows Firewall 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center. 2. Click Firewall, and then click Turn on now. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • 24. 24 Automatic updating Windows can routinely check for updates for your computer and install them automatically. You can use Security Center to make sure Automatic updating is turned on. If updating is turned off, Security Center will display a notification and put a Security Center icon in the notification area. To turn on automatic updating 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center 2. Click Automatic updating, and then click Turn on now. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • 25. 25
  • 26. 26 Malicious software protection Malicious software (malware) protection can help protect your computer against viruses, spyware, and other security threats. Security Center checks if your computer is using up-to-date antispyware and antivirus software. If your antivirus or antispyware software is turned off or out of date, Security Center will display a notification and put a Security Center icon in the notification area. To install or update your anti-malware software 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center. 2. Click Malware protection, click the button under Virus protection or Spyware and other malware protection, and then choose the option that you want.
  • 27. 27 Other security settings Windows checks your Internet security settings and User Account Control settings to make sure they are set at the recommended levels. If your Internet or User Account Control settings are changed to a security level that is not recommended, Security Center will display a notification and put a Security Center icon in the notification area. To restore Internet settings to recommended levels 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center. 2. Click Other security settings. 3. Under Internet security settings, click Restore settings.
  • 28. 28 4. Do one of the following:  To automatically reset the Internet security settings that are at risk to their default level, click Restore my Internet security settings now.  To reset the Internet security settings yourself, click I want to restore my Internet security settings myself. Click the security zone you want to change settings for, and then click Custom level. To restore User Account Control settings to recommended levels 1. Open Security Center by clicking the Start button , clicking Control Panel, clicking Security, and then clicking Security Center. 2. Click Other security settings. 3. Under User Account Control, click Turn on now. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
  • 29. CREATING USER IN WINDOWS With user accounts, several people can easily share a single computer. Each person can have a separate user account with unique settings and preferences, such as a desktop background or screen saver. User accounts control which files and programs users can access and what types of changes users can make to the computer. Typically, you'll want to create standard accounts for most computer users. 29
  • 30. 30 Add users and groups with operating system tools In order to assign permissions based on Windows users and groups, you may need to add users and groups to your system. 1. To add users and groups to the local Web server, go to Start - Control Panel - Administrative Tools - Computer Management (alternatively, right-click on the My Computer icon on the Desktop, and click Manage). In the Computer Management console, expand if necessary the System Tools and then Local Users and Groups. Click the Users folder to view the list of users. In Windows Vista or Server 2008, go instead to Start – Control Panel - Administrative Tools - Server Manager. In the Server Manager, expand Configuration and then Local Users and Groups. Click the Users folder to view the list of users.
  • 31. 31 2. Right-click on the Users folder and choose New User... The New User dialog opens. 3. Enter the user name, for example, walkthrough1. Enter a password and confirm it (for example, walkthrough1). You may uncheck the requirement that the user must change password at next logon. Set other options as desired, then click Create.
  • 32. 32 4. Add at least one other user, for example, walkthrough2. Close the New User dialog. 5. Right-click on the Groups folder in the Computer Management (or Server Manager) tree, and choose New Group... The New Group dialog opens. 6. Enter the group name, for example, WTGroup1. Optionally add a description. To add members to the group:  Under the Members area, click Add... The Select Users, Computer or Groups dialog opens.  In the Select Users dialog, click the Locations... button, and in the popup dialog, select the local computer's name and click OK.  Back in the Select Users dialog, under the Enter the object names to select box, type the name of the first user added above (walkthrough1).
  • 33. Click Check Names to verify the user exists (if necessary, click the Advanced button, then Find Now to list all users; you can select the user from this list).  Click OK to close the Select Users dialog and return to the Add Group dialog. The New Group dialog now lists the user you selected. 33
  • 34. 34 7. Click Create to create the new group. 8. Create one more group, for example, WTGroup2, adding the second user created above (walkthrough2). Then close the New Group dialog. You may also close the Computer Management console.
  • 35. 35 Configure the user and role location in ArcGIS SERVER In order to assign permissions for Web applications and services, you must first tell ArcGIS Server where your users and roles are stored. In this walkthrough, users are operating system accounts on the Web server or on the domain, and roles are Windows groups on the Web server or domain. 1. Start ArcGIS Server Manager and log in. 2. In Manager, expand the Security panel and click Settings. 3. Click the Change button (do this even if the Location already indicates Windows users and groups; the wizard performs additional essential configuration steps).
  • 36. 36 4. In the dialog that opens for location for Users, choose Windows users. Click Next.
  • 37. 5. In the panel for Role store location for users, click Windows groups. Click Finish. The wizard will dismiss and the Location box will read Windows Users and Groups. 37 Notice that security for services is set to Not Enabled. Do not enable security at this point. You will enable security in the last step in this walkthrough. Enabling security is the last step because you first need to set permissions for your Web services. Once security is enabled, only users whose roles you have permitted can access the GIS Web services.
  • 38. 38 View Users and Roles When your users and roles are Windows users and groups, you may view them in Manager. To add, edit or delete users or groups, you must use Windows operating system tools. 1. In Manager, click the Security tab on the left side, then click Users. The Users panel will display a list of users on the local Web server.
  • 39. 39 2. If you have more users than can be displayed in a single panel, click the >> to display additional users. You can also enter part or all of a user name in the Show: box near the top of the panel and click Find to filter the list of users. 3. To view a user's group membership, click the plus symbol next to the name. The list will show the groups of which the user is a member on the local system. 4. If the computer is a member of a domain, you can view users on the domain by clicking the Domain radio button for Show users on. You can then view domain group membership for these users (the list will not show membership in local system groups). 5. View roles by clicking Roles in the Manager Security tab. In this case, the list displays Windows groups on the local Web server. If the computer is a member of a domain, you may click Domain to see groups in the domain. You can page between lists of groups or filter/search for groups as with the Users dialog.
  • 40. 40 6. Click the plus button next to a group to view the users who are members of the group.
  • 41. 41 Secure a Web application Now you will secure a Web application by limiting access to designated roles (in this case, Windows groups). The final sections of this walkthrough will accomplish this goal. 1. Create a new Web application in Manager. The application may be simple, with just a map service and no extra tools or tasks. You may follow the Creating a Web Application Tutorial if you need to create an application. If you have installed an SSL certificate on the Web server, then when creating the application, you may want to set the application to use https (in the application wizard, use the Advanced option on the first panel). You may use an existing application, but all users of the application will be required to log in as a user in a role you permit during the walkthrough. 2. In Manager, click Applications to list the Web applications. Find the application you want to secure in the list. In the Permissions column, you will notice the unlocked icon . This indicates that the application is not restricted, so that users currently are not required to log in.
  • 42. 42 3. Click the permissions icon , which displays the Permissions dialog for the Web application. 4. Check the box for Enable security for this web application. This enables the lists of available and allowed roles. 5. If you wish to allow roles based on domain groups, click the Domain option under Show roles on. Otherwise click Local server to see groups on the local machine. You can add both domain and local groups as allowed roles. 6. Highlight the WTGroup1 role (or other role you added above) in the Available Roles list. Click the Add> button to add it to the list of Allowed Roles. Optionally, add other roles to the allowed list.
  • 43. 43 7. Click Save to save the permissions and return to the list of applications. Notice that the permissions icon changes to a locked appearance, which shows that it now requires a login to access the application.
  • 44. 44 8. Set the authentication method for the application using IIS Manager: (a) Open IIS Manager by going to Start - Settings - Control Panel - Administrative Tools - Internet Information Services Manager. (b) Expand the left-hand tree of IIS Manager, under Web Sites or Sites, to find Default Web Site, then expand Default Web Site to find the Web application you just secured. (c) On Windows XP or Server 2003: (1) Right-click on the Web application and click Properties in the context menu. The Properties dialog opens for the application.
  • 45. (2) In the Properties dialog, click the Directory Security tab. In this panel, under Anonymous access and authentication control, click Edit... The Authentication Methods dialog opens. 45
  • 46. 46 (3) In the Authentication Methods dialog, uncheck the Anonymous access box. Then check at least one of the methods under Authenticated access. For the demonstration purposes of this walkthrough, you may choose Basic authentication (click Yes if a warning message appears). (4) Click OK to dismiss the Authentication Methods dialog and return to the application's Properties dialog.
  • 47. 47 (d) If you have installed a SSL certificate on your Web server, you can require https when using the application. This will protect the login when the authentication method is set to Basic. (e) To require https on Windows XP or Server 2003: in the Properties dialog for the application, click the Directory Security tab. In the Secure communications area of this panel, click Edit... (if this button is disabled, then no SSL certificate is installed). In the Secure Communications dialog, click Require secure channel (SSL). Click OK to save the setting. Click OK to close the Properties dialog.
  • 48. 48 Permissions for files and folders Folder permissions include Full Control, Modify, Read & Execute, List Folder Contents, Read, and Write. Each of these permissions consists of a logical group of special permissions that are listed and defined in the following sections.
  • 49. 49 File and folder special permissions Special Permissions Full Control Modify Read & Execu-te List folder contents Read Write Traverse Folder/ Execute File YES YES YES YES NO NO List Folder/Read Data YES YES YES YES YES NO Read Attributes YES YES YES YES YES NO Read Extended Attributes YES YES YES YES YES NO Create Files/Write Data YES YES NO NO NO YES
  • 50. 50 Special Permissions Full Control CONTINUE… Modify Read & Execu-te List folder contents Read Write Create Folders/ Append Data YES YES NO NO NO YES Write Attributes YES YES NO NO NO YES Write Extended Attributes YES YES NO NO NO YES Delete Subfolders and Files YES NO NO NO NO NO Delete YES YES NO NO NO NO
  • 51. 51 Special Permissions Full Control CONTINUE… Modify Read & Execu-te List folder contents Read Write Read Permissions YES YES YES YES YES YES Change Permissions YES NO NO NO NO NO Take Ownership YES NO NO NO NO NO Synchronize YES YES YES YES YES YES
  • 52. HOTFIX A hotfix is code (sometimes called a patch) that fixes a bug in a product. Users of the products may be notified by e-mail or obtain information about current hotfixes at a software vendor's Web site and download the hotfixes they wish to apply. Hotfixes are sometimes packaged as a set of fixes called a combined hotfix or a service packs. Quick fix engineering (QFE) is a newer Microsoft term for a hotfix. 52
  • 53. 53 PATCH  An application that has been installed using the Microsoft Windows Installer can be upgraded by reinstalling an updated installation package (.msi file), or by applying a Windows Installer patch (an .msp file) to the application.  A Windows Installer patch (.msp file) is a self-contained package that contains the updates to the application and describes which versions of the application can receive the patch.  Patches contain at a minimum, two database transforms and can contain patch files that are stored in the cabinet file stream of the patch package.  Servicing applications by delivering a Windows Installer patch, rather than a complete installation package for the updated product can have advantages.
  • 54. 54 CONTINUE…  A patch can contain an entire file or only the file bits necessary to update part of the file. This can enable the user to download an upgrade patch that is much smaller than the installation package for the entire product.  An update using a patch can preserve a user customization of the application through the upgrade.  Patch takes a patch file containing a difference listing produced by diff and applies those differences to one or more original files, producing patched versions.
  • 55. 55 REFERENCE •http://www.cs.uic.edu/~jbell/CourseNotes/OperatingSystems/ 2_Structures.html • http://windows.microsoft.com/en-in/windows-vista/using-windows- security-center •http://webhelp.esri.com/arcgisserver/9.3/dotnet/index.htm# walkthrough_windows.htm • http://support.microsoft.com/kb/308419 • http://en.wikipedia.org/wiki/Hotfix • http://msdn.microsoft.com/en-us/ library/aa370578(v=vs.85).aspx
  • 56. 56 PRESENTED BY:  POOJA TALREJA  SIMRAN RAJPAL UNDER GUIDANCE OF: MANOJ KAVEDIA SIR
  • 57. 57