Solaris CX-310-301 Manuel d'utilisateur Page 6
- Page / 77
- Table des matières
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Solaris 9 Security CX-310-301 5
General Security Concepts .......................................................................................... 10
Information Security ................................................................................................................... 10
The Security Life Cycle .............................................................................................................. 10
Good Security ............................................................................................................................ 11
Security Awareness ................................................................................................................... 12
Security Policies......................................................................................................................... 12
Policies and Procedures.........................................................................................................12
Physical Security .................................................................................................................... 13
Platform Security .................................................................................................................... 13
Network Security .................................................................................................................... 13
Application Security................................................................................................................ 14
Security Operations and Management................................................................................... 14
Insecure Systems ...................................................................................................................... 14
User Trust............................................................................................................................... 15
Threat ..................................................................................................................................... 15
Risk......................................................................................................................................... 15
Authentication and Privacy ........................................................................................................ 15
Accountability ......................................................................................................................... 16
Authentication......................................................................................................................... 16
Authorization........................................................................................................................... 16
Privacy.................................................................................................................................... 16
Confidentiality......................................................................................................................... 17
Integrity................................................................................................................................... 17
Non-repudiation...................................................................................................................... 17
Attackers .................................................................................................................................... 17
Classification of Attackers and Motives.................................................................................. 17
Information Gathering............................................................................................................. 18
Gathering Techniques ............................................................................................................19
Steps to Prevent Information Disclosure................................................................................ 21
Evaluation Standards................................................................................................................. 21
Invalidating a Certification ...................................................................................................... 22
- Introduction 2
- Exam Time Tips 2
- Additional Resources 3
- Operating System 11
- Good Security 12
- Security Awareness 13
- Security Policies 13
- Policies and Procedures 13
- Physical Security 14
- Platform Security 14
- Network Security 14
- Insecure Systems 15
- Application Security 15
- Confidentiality 18
- Integrity 18
- Non-repudiation 18
- Attackers 18
- Information Gathering 19
- Gathering Techniques 20
- Evaluation Standards 22
- Invalidating a Certification 23
- System Log Files 25
- /var/adm/messages 25
- SU logging 26
- Using Multiple Files 29
- Process Accounting 30
- Overview 30
- Enabling BSM 31
- Generating an Audit 32
- Interpreting the Results 33
- The audit command 33
- Audit Log Files 33
- Disabling BSM 34
- Device Management 34
- Security Attacks 36
- Preventing DoS Attacks 37
- How DoS Attacks Execute 37
- Privilege Escalation Attacks 38
- Types of Attack 38
- Detecting Attacks 39
- Using File Listings 41
- Using Checksums 41
- Using File Digests 41
- Using the find Command 42
- Using Tripwire 43
- Kernel Trust and OpenBoot 46
- OpenBoot 46
- User Account Protection 47
- Expiring Accounts 47
- Restricting root Logins 49
- Dormant Accounts 49
- Protecting Passwords 50
- Users with No Password 51
- Password Aging 51
- Password Cracking Tools 52
- Non-Login Accounts 54
- User Security with SU 54
- Role Based Access Control 55
- Creating A Profile 56
- Creating a Role 56
- Assigning a Role to a User 56
- Logging in to a Role 57
- Listing Roles for a User 57
- Listing Profiles for a Role 57
- Permissions 57
- Directories and Files 57
- Access Control Lists (ACL) 59
- Identifying an ACL 59
- Setting ACLs 60
- Modifying an ACL 60
- Deleting an ACL 61
- PAM and Kerberos 61
- Add a new PAM Module 62
- Kerberos / SEAM 63
- How Kerberos Works 63
- Limitations of Kerberos 63
- Host and Network Prevention 64
- Network Intrusion 65
- Intrusion Detection 65
- Restricting Network Services 65
- Inetd Services 65
- Run Control Services 66
- Host Hardening 66
- Solaris Security Toolkit 67
- Installing SST 68
- SUNWjass-4.0.1.pkg.Z 68
- Configuring SST 68
- Running SST 69
- Updating an SST Run 70
- Undoing SST 70
- Verifying SST 71
- Encryption 72
- Logging 74
- Validating TCP Wrappers 74
- Cryptology 75
- Terminology 75
- Solaris Secure Shell 75
- Configuring the Client 76
- Configuring the Server 76
- Starting and Stopping SSHD 76
- Generating a Client Key 77
- Using ssh 77
© 2020, manymanuals.fr. Tous droits réservés | 0.038 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels