This study source was downloaded by 100000795602287 from CourseHero com on 04 20 2022 23 30 46 GMT 05 00 https www coursehero com file 14485952 OS CH11 12 Stephanie Quiles Homework Chapter 11 and 12October 6th 2015Chapter 11 1 Imagine that you are the manager of a small business computing center List at least three techniques that you would use to convince a busy reluctant night operator to perform regularbackups Explain the best and worst possible technique to assure your success I would explain to the night operator that backups are crucial due to potential disasters that may be beyond anyone s control Disasters such as fire a bad server intrusion from an unauthorized user viruses worms or other malware could all be devastating if information is not backed up regularly All of those of things that cannot be anticipated and can occur at any time If explaining didn t work I could demonstrate to the operator how devastating not backingup could be by showing them how vulnerable their system may be to outside threats this would probably b the least effective way as it could have devastating effects to the system if it isnot backed up prior to the demonstration 2 Disgruntled employees can sometimes wreak havoc on a computer system because other users leave their passwords written in plain view in the space surrounding their workstations How would you convince your users to safeguard their passwords What specific advice would you give them I would tell users not to leave their passwords written on or near their workstations do not use obvious password combinations such as their children s names significant others or pet names I would also advise or make mandatory a combination of upper and lower case alphanumeric and numeric combination in their passwords Also I would suggest they change their passwords every few months 3 Explain how you would verify the effectiveness of a new password security policy Explain the critical elements of such a policy if it is to be successful I would verify the effectiveness of a new password security policy by perhaps attempting to guess employee passwords If some of these passwords were easy to guess then the password security policy would be considered ineffective A good password security policy would entail proper training of employees on what to do and not to do in regards to their passwords Giving users the proper tools to set strong passwords that are hard to break but easy to remember is key Designing settings that require a combination of upper and lowercase letters along with numbers and symbol that are at least 20 characters long or more will make for a stronger password that will not be as easy to crack 4 Describe the advantages and disadvantages of password generator software Would you recommend the use of such software for your own system Explain why or why not There are many advantages to using password generator software in that it normally serves as a vault to store your password combinations for each website that is accessed with one key password A downside is that if there is a breach in this software and the main password is breached all of your information is then compromised along with it Where as if someone were This study source was downloaded by 100000795602287 from CourseHero com on 04 20 2022 23 30 46 GMT 05 00 https www coursehero com file 14485952 OS CH11 12 trying to find the password to a particular account they would only have access to that particular account and no other However if done correctly this software will assist the user is saving them the headache of memorizing multiple passwords for different websites something that we all fail at doing It also becomes even harder when the passwords need to be changed periodically making it even more confusing for users to keep track of their changes Another potential downside is how the software may or may not work cross platforms For example Macand iOS use their own proprietary software called Keychain and though it is very good at safeguarding information and prevent users from forgetting their multiple passwords across their apple devices it cannot be used on other devices that use Windows Chrome or Android OS So the user would then need the employ of third party software that can be used across all different platforms Software that may fill that need would be ones such as 1Password Also another potential downside that one might to consider is cost Many of the software options out there require an upfront cost or a subscription fee there are a few that are open source but of course that has it downsides in regards to support and potential threats 5 Keeping the critical operating systems patches current is an important aspect of both system security and system administration Should executive management be made aware of this or any aspect of system security Explain why or why not Executive management should be made aware of how important it is to keep machines up to date with any system patches Any hole in the system can put the works of employees and bosses in jeopardy as well as any possible breach of sensitive information that may be exploited through unsecure systems Advanced 8 Describe the unique threats to a data center posed by disgruntled employees Describe how you would identify such people if possible and how you would protect your system from these threats An application developer who lost his IT sector job as a result of company downsizing expressed his displeasure at being laid off just prior to the Christmas holiday by launching a systematic attack on his former employer s computer network Three weeks following his termination the insider used the username and password of one of his former coworkers to gain remote access to the network He modified several of the company s Web pages changing text and inserting pornographic images He also sent each of the company s customers an e mail message advising that the Web site had been hacked Each e mail message also contained that customer s usernames and passwords for the Web site An investigation was initiated but itfailed to identify the insider as the perpetrator A month and a half later he again remotely accessed the network and executed a script to reset all network passwords he then changed 4 000 pricing records to reflect bogus information This former employee ultimately was identified and prosecuted That is just an example of some of the things a disgruntled employee can do to harm a company s system Some