The document discusses four topics:
1. Four common sense rules of security such as avoiding interesting files for hackers and monitoring security tools.
2. Account security including using strong passwords, limiting root access, temporary guest accounts, and not sharing user accounts.
3. File permissions which are set for the owner, group, and world categories.
4. Data encryption to protect sensitive information.
The document discusses four topics:
1. Four common sense rules of security such as avoiding interesting files for hackers and monitoring security tools.
2. Account security including using strong passwords, limiting root access, temporary guest accounts, and not sharing user accounts.
3. File permissions which are set for the owner, group, and world categories.
4. Data encryption to protect sensitive information.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online from Scribd
The document discusses four topics:
1. Four common sense rules of security such as avoiding interesting files for hackers and monitoring security tools.
2. Account security including using strong passwords, limiting root access, temporary guest accounts, and not sharing user accounts.
3. File permissions which are set for the owner, group, and world categories.
4. Data encryption to protect sensitive information.
Copyright:
Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online from Scribd
Account Security File Permissions Data Encryption Chapter Objectives
• Recognize the four common sense rules of security
• Understand the account security
• Understand the file permission
• Understand the data encryption
Four common rules of security
• Don’t put files on your system that are likely to be interesting
to hackers or nosy employees. • Don’t provide places for hackers to build nests on your system. Hackers often break into one system and then use it as a base of operations to get into other systems. • Set basic traps on systems that are connected to the Internet. Tools such as anti-viruses, anti-spywares and firewall. • Monitor the reports generated by the security tools. A minor problem that is ignored in one report may grow into a major problem. Account Security • Password security :- Many users choose poor passwords. Many other users don’t have passwords. Most resist changing their passwords. • Root accounts :- It is easiest to track changes and security violations when very few people who have root access. • Guest accounts :- Create guest accounts for the time it s needed. Remove the account when its purpose is completed. Do not use ‘guest’, instead use account name such as ‘fixomini’, ‘oratmp’. • User accounts :- User accounts should not be shared. Remove user accounts upon termination. File Permissions • Entities:- 1. Owner 2. Group 3. World 1. Owner :- Each file and directory (a special type of file) has an “owner.” This is the user account that has primary power over the file, allowing it to do things like change the file’s permissions. 2. Group:- Each file has a group account associated with it. This group, like the user account that is the file’s owner, has its own set of access permissions to the file. 3. World:- This last permission category covers “everyone else” — any accounts that are not the owner or a member of the file’s group. Data Encryption