Exam 98-367: Security Fundamentals/Understanding Operating System Security

This lesson covers Understanding Operating System Security. It looks at user authentication, permissions, password policies, audit policies, encryption, and malware.

Activity 1 - Understand User Authentication
This objective may include but is not limited to: multifactor; smart cards; RADIUS; Public Key Infrastructure (PKI); understand the certificate chain; biometrics; Kerberos and time skew; using Run As to perform administrative tasks; password reset procedures.
 * 1) Read Active Directory.
 * 2) Read What is Kerberos?.
 * 3) Read Overview of Authentication and Authorization Technologies.
 * 4) Read Using the Runas Command.
 * 5) Read Reset a Password.
 * 6) Read PKI Basics.

Activity 2 - Understand Permissions
This objective may include but is not limited to: file; share; registry; Active Directory; NTFS vs. FAT; enabling or disabling inheritance; behavior when moving or copying files within the same disk or on another disk; multiple groups with different permissions; basic permissions and advanced permissions; take ownership; delegation.
 * 1) Read Advanced Security Settings.
 * 2) Read What are Permissions?.
 * 3) Read Introduction to File Server Resource Manager.

Activity 3 - Understand Password Policies
This objective may include but is not limited to: password complexity; account lockout; password length; password history; time between password changes; enforce by using group policies; common attack methods.
 * 1) Read Password Best Practices.

Activity 4 - Understand Audit Policies
This objective may include but is not limited to: types of auditing; what can be audited; enabling auditing; what to audit for specific purposes; where to save audit information; how to secure audit information.
 * 1) Read Advanced Security Audit Policy.
 * 2) Read Audit Policy.

Activity 5 - Understand Encryption
This objective may include but is not limited to: EFS; how EFS encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; MAIL encryption and signing and other uses; VPN; public-key / private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices.
 * 1) Read BitLocker and BitLocker To Go.
 * 2) Read BitLocker Drive Encryption Overview.
 * 3) Read What Threats Does BitLocker Protect Against?.
 * 4) Read What Do You Want to Protect with BitLocker?.
 * 5) Read Certificates.

Activity 6 - Understand Malware
This objective may include but is not limited to: buffer overflow; worms; Trojans; spyware.
 * 1) Read Protecting Against Buffer Overflows.