Professional Documents
Culture Documents
Topic 4 Auditing It Environment Part Iii Auditing Operatig System
Topic 4 Auditing It Environment Part Iii Auditing Operatig System
ENVIRONMEN
T
AUDITING IT ENVIRONMENT 1
This Photo by Unknown Author is licensed under CC BY-SA
TOPIC CONTENTS
AUDITING IT ENVIRONMENT 3
4
OPERATING
SYSTEM
• https://www.youtube.com/watch?feature=player
_embedded&v=pTdSs8kQqSA
5
WHAT IS OPERATING
SYSTEM?
• An interface between the user and the hardware and enables the
interaction of a computer’s hardware and software.
• A software which performs all the basic tasks like file management,
memory management, storage management, process
management, handling input and output, and controlling peripheral
devices such as disk drives and printers.
Program that controls execution of application
programs and acts as intermediary between a
user of a computer and the computer
hardware.
What is
Must have an operating system to run other
Operating programs and applications.
System?
All computers and computer-like devices have
operating systems, including your laptop,
tablet, desktop, smartphone, smart watch and
router.
7
1. provide security
2. memory management
9
In any organisation, there must be steps or
measures taken to protect the OS from
threats, viruses, worms, malware or remote
hacker intrusions
10
OPERATING SYSTEM SECURITY
• Secure operating systems consists
of four (4) security components:
• Log-on control procedure
• Access token
• Access control list
• Discretionary access privileges
11
OPERATING SYSTEM SECURITY: LOG-
ON PROCEDURE
When user initiates the process, dialog box appears requesting user’s ID and password.
If the systems:
• Finds a match, then the log-on attempts is authenticated.
• Finds the password or ID is entered incorrectly , the log-on attempt fails, and a message is returned to the user.
• The message should not reveal whether the password or the ID caused the failure.
• The system should allow the user to re-enter the log-on information.
• After a specified number of attempts (<5) the system should lock out the user from the system.
12
LOG ON
CONTROL
PROCEDURE
LOG ON
CONTROL
PROCEDURE
LOG ON
CONTROL
PROCEDURE
OPERATING SYSTEM SECURITY :
ACCESS TOKEN, ACCESS CONTROL
LIST
• Access token
• Log on → successful → OS creates an access
token(contains information about the user e.g. user id,
password)
16
OPERATING SYSTEM
SECURITY:
DISCRETIONARY ACCESS
PRIVILEGES
17
THREATS TO OPERATING SYSTEM
INTEGRITY
ACCIDENTAL THREATS INTENTIONAL THREATS
18
ERRORS IN USER
APPLICATIONS
Steps Taken to Reduce
Threats
• To ensure secured operating
system, must have controls
on:
• Access privileges
• Password
• Malicious and Destructive
Program
• System audit trail
20
Must be carefully administered
and closely monitored to make
sure no violation on
segregation of duties.
Access Privileges
Control E.g., a cash receipts clerk who
is granted the right to access
must not make changes to the
accounts receivable file.
21
AUDIT OBJECTIVES AND
PROCEDURES
• To verify/ensure access privileges granted promotes segregation
of functions.
• Audit procedures include:-
• Review organisation's policy for separating incompatible
functions
• Review access rights/permission granted to employees to
determine the permission is appropriate for job descriptions.
• Review personnel records to determine privileged employees
undergo intensive security clearance.
• Review employee records on confidentiality of data.
• Review the user’s permitted log on times
22
PASSWORD CONTROL
• Most common forms of contra-security behaviour :-
• Forgot password
• Fail to change at frequent basis
• Post-it syndrome
• Too simple
• Methods to control passwords:
• Reusable password
• To improve access control, management should require that passwords be
changed regularly and disallow weak passwords.
• Software is available that automatically scans password files and notifies
users that their passwords have expired and need to be changed.
• One time password
• Alternative to reusable password.
• Audit objective: To ensure that organisation has adequate and effective password
policy to control access to operating system.
23
To ensure organisation
has an adequate and Inquire client on
effective password policy requirements to have
for controlling access to password.
AUDIT the operating system.
24
Malicious and Destructive Programs
Controls
Responsible for millions of dollars of corporate losses.
25
TYPES OF MALICIOUS AND
DESTRUCTIVE PROGRAMS
Virus
Trojan
Worm
horse
Trap
Logic
door/back
bomb
door
Types of Malicious &
Destructive Programs
• Virus
• Attached to legitimate program to
penetrate operating system.
• Destroy application programs, data
files, and the operating system
itself.
• Mechanisms for spreading viruses
include e-mail attachments,
downloading of public-domain
programs from the Internet, and
using illegal bootleg software.
27
Types of Malicious &
Destructive Programs
• Worm
• Operates
independently (does
not depend on host
program).
• Can replicate itself
from one computer to
another without being
activated by users.
28
Types of Malicious &
Destructive Programs
• Logic bomb
• A destructive program upon
some predetermined event
triggers the logic bomb
malware to start running on a
computer.
• Date (such as Friday the
13th, April Fool’s Day, or the
4th of July) often be the logic
bomb’s trigger.
29
Back door/trap door
Types of • Software program that allows
unauthorized access to a system
Malicious without going through the normal (front
& door) log-on procedure.
30
HOW TO CONTROL THREATS AGAINST
MALICIOUS & DESTRUCTIVE
PROGRAMS?
1 2 3 4
31
In computer and network contexts, an audit trail is
a time-stamped record of significant activities on a
system.
32