Chapter Securing the Operating System
Author: KevinDKinsey
Reviewer: name contact BSD flavour
Reviewer: name contact BSD flavour
The mark of a good system administrator is the awareness of and adherence to best security practices. An administrator is expected to be familiar with common security practices. BSD systems are designed with security in mind and provide many mechanisms which allow the system administrator to tune systems to the security requirements of an organization. While the BSDA candidate won't always be responsible for implementing these mechanisms, being able to recognize the features and commands available for securing BSD systems is still an essential aspect of overall security administration.
- Determine the system's security level
- Configure an SSH server according to a set of requirements
- Configure an SSH server to use a key pair for authentication
- Preserve existing SSH host keys during a system upgrade
- Recognize alternate authentication mechanisms
- Recognize alternate authorization schemes
- Recognize basic recommended access methods
- Recognize BSD firewalls and rulesets
- Recognize BSD mechanisms for encrypting devices
- Recognize methods for verifying the validity of binaries
- Recognize the BSD methods for restraining a service
- Change the encryption algorithm used to encrypt the password database
- Modify the system banner
- Protect authentication data