Operating System Security and Settings – CompTIA Security+ SY0-401: 4.3

An operating system has hundreds of configuration options that can affect the security of the platform. In this video, you’ll learn about the customization of user rights, log settings, file permissions, and many more operating system options.


The operating system is an incredibly important starting point for any type of security. If the operating system is vulnerable, whoever exploits it will generally have access to everything that is stored in the operating system, which means all of your applications and all of your data. If you start looking through an operating system’s security settings, you’ll run into, literally, hundreds of different settings that you can configure to define the security posture of your operating system. In practice, you generally change only a subset of these. Maybe you’re only focusing on changing firewall settings within the operating system. Maybe there are certain applications you don’t even want installed in your operating system. And, of course, you want to follow best practices such as disabling guest accounts on your operating system.

Let’s categorize some of the security settings in our operating system. User rights allow us to change what a user may have access to inside of the system. They might have access to certain kinds of files, and their access to those files might be read only, or we may allow read and write access. And, of course, this usually includes setting up groups of users so we can create logical groupings. For instance, the shipping and receiving department may have a certain type of access to these files, but the accounting department may have completely different access to the same files.

Your operating system can log a lot of information, so you may want to define exactly what gets logged in the operating system. You may even want to forward that log information to a centralized source, so that you can collect logs from all of your operating systems at one time and then report on them from a central reporting console.

In the operating system you can also lock down individual files. There may be operating system files you don’t want anyone to have access to, or you may want to restrict only, perhaps, the execution of certain files, but not the modification of those important system files. If we’re managing a Windows operating system, we also need to think about what access people have to the registry. Generally, our administrator should have access to the entire registry, but we may want to limit access, especially to sensitive areas that deal with the operation of the OS itself.
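As an added illustration of locking down individual files (this code is not from the original video or transcript), the Python example below compares each file's POSIX permission bits against a baseline and reports every right granted beyond it. The file names and the baseline are constructed for the example, and POSIX modes are assumed; Windows ACLs and registry permissions are not covered.

```python
import os
import stat
import tempfile

CLASSES = ("owner", "group", "other")
RIGHTS = ("read", "write", "execute")

def parse_perms(text):
    """Convert an ls-style string such as 'rw-r-----' into mode bits."""
    if len(text) != 9 or any(c not in "-" + "rwx"[i % 3] for i, c in enumerate(text)):
        raise ValueError(f"bad permission string: {text!r}")
    return sum(1 << (8 - i) for i, c in enumerate(text) if c != "-")

def audit(policy):
    """Return (path, who, right) for every right a file grants beyond policy."""
    findings = []
    for path, allowed in policy.items():
        mode = stat.S_IMODE(os.stat(path).st_mode)
        extra = mode & ~parse_perms(allowed) & 0o777
        for i in range(9):
            if extra & (1 << (8 - i)):
                findings.append((path, CLASSES[i // 3], RIGHTS[i % 3]))
        if mode & 0o7000:  # setuid, setgid or sticky is never in this baseline
            findings.append((path, "special", oct(mode & 0o7000)))
    return findings

def demo():
    """Build constructed sample files and audit them against a constructed baseline."""
    with tempfile.TemporaryDirectory() as d:
        conf = os.path.join(d, "payroll.conf")  # hypothetical file names
        tool = os.path.join(d, "backup.sh")
        for p in (conf, tool):
            open(p, "w").close()
        os.chmod(conf, 0o664)  # drifted: group may write, everyone may read
        os.chmod(tool, 0o750)  # matches the baseline exactly
        policy = {conf: "rw-r-----", tool: "rwxr-x---"}
        return [(os.path.basename(p), who, right) for p, who, right in audit(policy)]

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

Each finding names the file, the class of user holding the extra right, and the right itself, which is the information needed to decide whether to tighten the mode or update the baseline.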

And, of course, we can set account policies. We need to define what users can do in the operating system, and what they can’t do in the operating system. So all of these hundreds of security settings can be modified and changed to create the correct security profile for your OS.