System and Network Security Topics Explained
1. Registry
The Registry is a hierarchical database in Microsoft Windows that stores configuration
settings and options for the operating system and installed applications.
- Purpose: Stores user preferences, OS settings, driver info, software configurations.
- Structure: Contains keys and values organized in a tree-like structure (e.g.,
HKEY_LOCAL_MACHINE, HKEY_CURRENT_USER).
- Security Concerns: Improper registry configurations can cause vulnerabilities; malware
may modify registry values for persistence.
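An added example (not part of the original notes) of checking for the persistence risk described above: it reads a text export of the registry and lists programs set to start automatically. It assumes the well-known Run/RunOnce autostart keys, plain string values only, and a constructed sample export; the folder hints used to flag entries for review are also an assumption.

```python
import re

# Well-known Windows autostart keys (the suffix also matches the WOW6432Node copies).
AUTOSTART_SUFFIXES = (
    "\\microsoft\\windows\\currentversion\\run",
    "\\microsoft\\windows\\currentversion\\runonce",
)
# Assumption: commands started from user-writable folders deserve a manual review.
USER_WRITABLE_HINTS = ("\\appdata\\", "\\temp\\", "\\users\\public\\")

# A .reg string value line looks like: "Name"="Data" (backslash escapes \ and ").
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

# Constructed sample export; names and paths are made up for illustration.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleTray"="C:\\Program Files\\ExampleVendor\\tray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Users\\alice\\AppData\\Roaming\\upd\\updater.exe /silent"

[HKEY_CURRENT_USER\Software\ExampleApp]
"InstallDir"="C:\\Users\\alice\\AppData\\Local\\ExampleApp"
'''

def unescape(text):
    """Undo the backslash escaping used for string values in .reg files."""
    return re.sub(r"\\(.)", r"\1", text)

def autostart_entries(reg_text):
    """Return (key, name, command, needs_review) for each string value under an autostart key."""
    results, key = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]  # remember which key the following values belong to
            continue
        match = VALUE_RE.match(line)
        if not (key and match and key.lower().endswith(AUTOSTART_SUFFIXES)):
            continue
        name, command = unescape(match.group(1)), unescape(match.group(2))
        needs_review = any(hint in command.lower() for hint in USER_WRITABLE_HINTS)
        results.append((key, name, command, needs_review))
    return results

if __name__ == "__main__":
    for key, name, command, needs_review in autostart_entries(SAMPLE_REG):
        print("REVIEW" if needs_review else "ok    ", key, name, command)
```

A flagged entry is not proof of malware; it is a starting point for checking who installed the program and whether it is expected.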
2. Settings and Configurations
Settings refer to how software or systems behave, based on user preferences or
admin-defined rules. Configuration is the process of setting up software/system parameters.
- Examples: Turning on a firewall, setting login timeout, encryption options.
- Security Tip: Default settings are often insecure. Always review and adjust configurations
properly.
3. Authentication Service and Security
Authentication verifies the identity of users or systems before granting access.
- Services: Active Directory, LDAP, RADIUS manage and verify identities.
- Methods: Passwords, biometrics, two-factor authentication (2FA/MFA).
- Security Goal: Prevent unauthorized access to systems or data.
- Protocols: Kerberos, OAuth, JWT.
- Risks: Brute-force attacks, credential theft, weak passwords.
4. Cryptography Security
Cryptography secures data through encoding to ensure confidentiality, integrity, and
authentication.
- Types:
* Symmetric (AES): Same key for encryption/decryption.
* Asymmetric (RSA, ECC): Public/private keys.
* Hashing (SHA-256): One-way transformation.
- Uses: Secure web browsing (HTTPS), file encryption, secure messaging.
- Threats: Weak keys, outdated algorithms, improper implementation.
5. Lightweight Directory Access Protocol (LDAP)
LDAP is a protocol used to access and manage distributed directory information such as
user accounts, groups, and resources.
- Uses: Centralized authentication, managing users/devices/services.
- Security: Use LDAP over SSL (LDAPS), restrict anonymous queries, enforce access controls.
6. Remote Access Server (RAS)
A Remote Access Server allows users to connect to a network from remote locations.
- Technologies: VPNs (PPTP, L2TP, SSL-VPN), Remote Desktop, SSH.
- Benefits: Enables remote work or administration.
- Security: Use encryption, enforce strong authentication, monitor connections.
7. Media Player Control Security
Media player control security involves securing media applications from vulnerabilities and
unauthorized access.
- Threats: Malicious media files, auto-play exploits.
- Best Practices: Disable autoplay, keep media players updated, run in sandbox
environments.
8. Network Application Program Interface (API) Security
Network API security means securing the APIs that allow software components to communicate
over a network.
- Risks: Injection attacks, broken authentication, data leakage.
- Solutions: Use tokens (OAuth, JWT), input validation, access control, API gateways, and
encryption.
9. Challenges Faced by Mobile Devices
Mobile devices face security risks due to portability, always-on connectivity, and app-based
environments.
- Challenges: Device theft, unsecured Wi-Fi, malware, delayed updates, over-permissive
apps.
- Mitigation: Use screen locks, encryption, MDM tools, trusted app sources, and regular
updates.