Is418 Project 1-2-3

Only available on StudyMode
  • Download(s) : 563
  • Published : August 28, 2012
Open Document
Text Preview
IS-418: Security Strategies in Linux Platforms and Applications

* Project: Linux – Based Web Application Infrastructure

* Project: Logistics

* Project Part 3: Executive Summary

* Project Part 3: Tasks 1
* Project Part 3: Tasks 2
* Project Part 3: Tasks 3
IS-418: Security Strategies in Linux Platforms and Applications

* Project: Linux – Based Web Application Infrastructure

* Project: Logistics

* Project Part 3: Executive Summary

* Project Part 3: Tasks 1
* Project Part 3: Tasks 2
* Project Part 3: Tasks 3

Task 1: Use a Kernel

Scenario:
First World Bank Savings and Loan's Linux-based infrastructure requires an in-house custom kernel or a kernel provided by a vendor

Tasks:
* You need to:

* Make recommendations whether the organization should use a custom kernel * Compile stock kernels from sources, or use a vendor-supplied kernel * Explain the pros and cons of each of the kernel options and support your recommendations with a valid rational

I have recommended the appropriate kernel that can be used by the organization: File system
Like all UNIX systems, its file system is based on one root directory, or hierarchical top point with subdirectories underneath it. Some sub-directories act as mount points, where different physical or networked file systems may be incorporated. The hardware is also incorporated into the file hierarchy. Device drivers interface to user applications via an entry in the /dev directory. Process information as well is mapped to the file system through the /proc directory. Unix security systems were designed into the architecture. Raw hardware devices are protected from direct access, and the file system has an inbuilt security system giving individual access to files on three levels, user only, group membership, and world access. Each category has read, executable and write flags that may be set in any combination. Kernel -or- System Software The Linux kernel includes true multitasking, virtual memory, shared libraries, demand loading, shared copy-on-write executable, proper memory management, and TCP/IP networking. Today Linux is a module-loading monolithic kernel. Device drivers and kernel extensions typically run in ring 0, with full access to the hardware, although some run in user space. Unlike standard monolithic kernels, device drivers are easily configured as modules, and loaded or unloaded while running the system. Also unlike standard monolithic kernels, device drivers can be pre-empted under certain conditions. This latter feature was added to handle hardware interrupts correctly, and to improve support for symmetric multiprocessing. Preemption also improves latency, increasing responsiveness and making Linux more suitable for real-time applications. The complete source code of various versions of the Linux kernel can be browsed at http://lxr.linux.no. The complete source code of the latest versions of the Linux kernel can be downloaded from http://www.kernel.org.

Task 2: Recommend a Software Management Plan

Scenario:

The original task team at First World Bank Savings and Loan has concerns about the support and software management of the organization’s Linux-based infrastructure. The team wants you to recommend a software management plan keeping in mind the various servers and the cost.

Tasks:

* You need to:

* Make a recommendation for a software management plan. Consider options available from the open source community and from vendors. If you select a vendor, specify the software it will support and how it will support. * Explain the need to install anti-virus software on Linux servers providing a rationale in support of your answer. * Summarize a plan for applying patches and security updates to the Linux system.

I have recommended a suitable software management plan:

Opengear provides open DCIM and RIM solutions that enable our customers...
tracking img