Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
The initial area for review when an IT auditor is performing an operating system integrity review of a server is to:
Verify that programs or services running on the server are from legal sources.
Ensure that file permissions are correct on configuration files.
Verify that privileged programs or services cannot be invoked by user programs.
Validate if administrator accounts have proper password controls.
If user-level programs can interfere with privileged programs or services, then changes to system parameters and operating system (OS) integrity issues could result. A privilege escalation attack occurs when a user with limited authority is able to perform actions beyond what he/she has been authorized to do. For example, consider a program scheduling utility that often can run with âsystem levelâ authority and allows the user to run a program that his/her security profile ordinarily would not allow. Configuration features of the OS, such as file permissions for critical files, must be set correctly to ensure that privilege escalation attacks are less likely to occur. Choice B is not correct because, while password controls on administrator accounts are very important, ensuring that programs operate within their defined security limits is much more critical. Choice C is not correct because, while file permissions are important, this is only part of the process of ensuring OS integrity. Choice D is not correct because the risk associated with privileged programs or services is more severe than risk related to software that has been compromised or obtained from sources that are not valid.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.