The operating system (OS) of an information system contains the software that executes the critical functions of the information system. The OS manages the computer’s memory, processes, and all of its software and hardware. It allows different programs to run simultaneously and access the computer’s memory, central processing unit, and storage. The OS coordinates all these activities and ensures that sufficient resources are applied. These are the fundamental processes of the information system and if they are violated by a security breach or exploited vulnerability it has the potential to have the biggest impact on your organization.
Security for operating systems consists of protecting the OS components from attacks that could cause deletion, modification, or destruction of the operating system. Threats to an OS could consist of a breach of confidential information, unauthorized modification of data, or unauthorized destruction of data. It is the job of the cybersecurity engineer to understand the operations and vulnerabilities of the OS (whether it is a Microsoft, Linux, or another type of OS), and to provide mitigation, remediation, and defense against threats that would expose those vulnerabilities or attack the OS.
There are six steps that will help you create your final deliverables. The deliverables for this project are as follows:
- Security Assessment Report (SAR): This report should be a 7-8 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
- Nontechnical presentation: This is a set of 8-10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR.
- In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
- 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
- 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
- 5.4: Identify potential threats to operating systems and the security features necessary to guard against them.