CIS Audit: OS Functions & Security
Operating system
An operating system, or OS, is a software program that enables the computer hardware to communicate and operate
with the computer software. Without a computer operating system, a computer would be useless.
The operating system is the most important program that runs on a computer. Every general-purpose computer must
have an operating system to run other programs. Operating systems perform basic tasks, such as recognizing input from
the keyboard, sending output to the display screen, keeping track of files and
directories on the disk, and controlling peripheral devices such as disk drives
and printers.
For large systems, the operating system has even greater responsibilities and
powers. It is like a traffic cop -- it makes sure that different programs and
users running at the same time do not interfere with each other. The
operating system is also responsible for security, ensuring that unauthorized
users do not access the system.
It manages the computer's memory, processes, and all of its software and
hardware. It also allows you to communicate with the computer without
knowing how to speak the computer's "language."
Operating systems provide a software platform on top of which other programs, called application programs, can run.
The application programs must be written to run on top of a particular operating system. Your choice of operating
system, therefore, determines to a great extent the applications you can run. For PCs, the most popular operating
systems are DOS, OS/2, and Windows, but others are available, such as Linux.
As a user, you normally interact with the operating system through a set of commands. For example, the DOS operating
system contains commands such as COPY and RENAME for copying files and changing the names of files, respectively.
The commands are accepted and executed by a part of the operating system called the command processor or
command line interpreter. Graphical user interfaces allow you to enter commands by pointing and clicking at objects
that appear on the screen.
Page 1 of 15
Accounting 503 CIS Audit
The process of starting or restarting the computer is known as booting. A cold boot is when you turn on a
computer that has been turned off completely. A warm boot is the process of using the operating system to
restart the computer.
ii. Performs basic computer tasks, e.g. managing the various peripheral devices such as the mouse and keyboard
The operating system performs basic computer tasks, such as managing the various peripheral devices such as
the mouse, keyboard and printers. For example, most operating systems now are plug and play which means a
device such as a printer will automatically be detected and configured without any user intervention.
iii. Provides a user interface, e.g. command line, graphical user interface (GUI)
A user interacts with software through the user interface. The two main types of user interfaces are: command
line and a graphical user interface (GUI). With a command line interface, the user interacts with the operating
system by typing commands to perform specific tasks. An example of a command line interface is DOS (disk
operating system). With a graphical user interface, the user interacts with the operating system by using a
mouse to access windows, icons, and menus. An example of a graphical user interface is Windows Vista or
Windows 7. The operating system is responsible for providing a consistent application program interface (API)
which is important as it allows a software developer to write an application on one computer and know that it
will run on another computer of the same type even if the amount of memory or amount of storage is different
on the two machines.
iv. Handles system resources such as computer's memory and sharing of the central processing unit (CPU) time by
various applications or peripheral devices
The operating system also handles system resources such as the computer's memory and sharing of the central
processing unit (CPU) time by various applications or peripheral devices. Programs and input methods are
constantly competing for the attention of the CPU and demand memory, storage and input/output bandwidth.
The operating system ensures that each application gets the necessary resources it needs in order to maximise
the functionality of the overall system.
v. Provides file management which refers to the way that the operating system manipulates, stores, retrieves and
saves data.
The operating system also handles the organisation and tracking of files and directories (folders) saved to or
retrieved from a computer disk. The file management system allows the user to perform such tasks as creating
files and directories, renaming files, copying and moving files, and deleting files. The operating system keeps track
of where files are located on the hard drive through the file system. The two main types of file
system are the File Allocation Table (FAT) and the New Technology File System (NTFS).
One major advantage of NTFS is that it includes features to improve reliability. For example, the new technology file
system includes fault tolerance, which automatically repairs hard drive errors without displaying error messages. It also
keeps detailed transaction logs, which track hard drive errors. This can help prevent hard disk failures and makes it
possible to recover files if the hard drive does fail.
NTFS also allows permissions (such as read, write, and execute) to be set for individual directories and files.
Security Principles
Identification Authentication and Authorization
A. Identification describes a method of ensuring that a subject is the entity it claims to be. E.g.: A user name or an
account no.
B. Authentication is the method of proving the subject's identity. E.g.: Password, Passphrase, PIN
C. Authorization is the method of controlling the access of objects by the subject. E.g.: A user cannot delete a
particular file after logging into the system
Note: There must be a three-step process of Identification, Authentication and Authorization in order for a subject to
access an object.
Authentication Methods
1. Biometrics
Verifies an individual's identity by analyzing a unique personal attribute or behavior
It is the most effective and accurate method for verifying identification.
It is the most expensive authentication mechanism
Types of Biometric Systems
o Finger Print- is based on the ridge endings and bifurcations exhibited by the friction ridges and some
minutiae of the finger
o Palm Scan- is based on the creases, ridges, and grooves that are unique in each individual's palm
o Hand Geometry- is based on the shape (length, width) of a person's hand and fingers
o Retina Scan- is based on the blood vessel pattern of the retina on the backside of the eyeball.
o Iris Scan- is based on the colored portion of the eye that surrounds the pupil. The iris has unique
patterns, rifts, colors, rings, coronas and furrows.
o Signature Dynamics- is based on electrical signals generated due to physical motion of the hand
during signing a document
o Keyboard Dynamics- is based on electrical signals generated while the user types in the keys
(passphrase) on the keyboard.
o Voice Print- based on human voice
o Facial Scan- based on the different bone structures, nose ridges, eye widths, forehead sizes and chin
shapes of the face.
o Hand Topography- based on the different peaks, valleys, overall shape and curvature of the hand.
Types of Biometric Errors
o Type I Error: When a biometric system rejects an authorized individual (false rejection rate)
o Type II Error: When a biometric system accepts imposters who should be rejected (false acceptance
rate)
o Crossover Error Rate (CER): The point at which the false rejection rate equals the false acceptance rate.
It is also called the Equal Error Rate (EER).
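The trade-off between the two error types can be seen by sweeping the acceptance threshold of a matcher. The following is an added example (not part of these notes): the similarity scores are constructed sample data, and the crossover point is the threshold at which FRR and FAR are closest.

```python
"""Type I / Type II biometric error rates and the crossover error rate (CER).

Added example, not part of the course notes. A biometric matcher returns a
similarity score and the system accepts a sample when the score is at or
above a threshold. The scores below are constructed sample data.
"""
from dataclasses import dataclass

# Constructed sample data: similarity scores (0-100) from enrolled users
# presenting their own trait (genuine) and from other people (imposters).
GENUINE_SCORES = [62, 68, 71, 74, 75, 78, 80, 83, 85, 88, 90, 92, 95, 97, 99]
IMPOSTER_SCORES = [10, 18, 25, 31, 38, 42, 47, 52, 55, 60, 63, 66, 70, 72, 77]


@dataclass(frozen=True)
class ErrorRates:
    threshold: int
    frr: float  # Type I error: genuine users rejected (false rejection rate)
    far: float  # Type II error: imposters accepted (false acceptance rate)


def error_rates(threshold, genuine=GENUINE_SCORES, imposters=IMPOSTER_SCORES):
    """FRR and FAR for a single acceptance threshold."""
    rejected_genuine = sum(1 for s in genuine if s < threshold)
    accepted_imposters = sum(1 for s in imposters if s >= threshold)
    return ErrorRates(threshold,
                      rejected_genuine / len(genuine),
                      accepted_imposters / len(imposters))


def sweep(genuine=GENUINE_SCORES, imposters=IMPOSTER_SCORES, lo=0, hi=100):
    """Error rates for every integer threshold.

    Raising the threshold lowers FAR (fewer imposters get in) and raises FRR
    (more legitimate users are turned away); the two move in opposite directions.
    """
    return [error_rates(t, genuine, imposters) for t in range(lo, hi + 1)]


def crossover_error_rate(genuine=GENUINE_SCORES, imposters=IMPOSTER_SCORES):
    """Threshold where FRR and FAR are equal (or closest): the CER / EER.

    A lower CER means a more accurate biometric system overall.
    """
    return min(sweep(genuine, imposters),
               key=lambda r: (abs(r.frr - r.far), r.threshold))


def threshold_for_max_far(max_far, genuine=GENUINE_SCORES, imposters=IMPOSTER_SCORES):
    """Smallest threshold whose FAR does not exceed max_far (high-security tuning).

    The returned record shows the FRR that must be accepted in exchange.
    """
    for rates in sweep(genuine, imposters):
        if rates.far <= max_far:
            return rates
    return None
```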
2. Passwords
It is the most common form of system identification and authentication mechanism
A password is a protected string of characters that is used to authenticate an individual
Password Management
o Passwords should be properly guarded, updated, and kept secret to provide effective security
o Password generators can be used to generate passwords that are uncomplicated, pronounceable,
non-dictionary words.
o If the user chooses his own passwords, the system should enforce certain password requirements, such as
insisting on special characters, a minimum number of characters, case sensitivity, etc.
Techniques for Passwords Attack
o Electronic monitoring- Listening to network traffic to capture information, especially when a user is
sending her password to an authentication server. The password can be copied and reused by the
attacker at another time, which is called a replay attack.
o Access the password file- Usually done on the authentication server. The password file contains
many users’ passwords and, if compromised, can be the source of a lot of damage. This file should
be protected with access control mechanisms and encryption.
o Brute force attacks- Performed with tools that cycle through many possible character, number, and
symbol combinations to uncover a password.
o Dictionary attacks- Files of thousands of words are used to compare to the user’s password until a
match is found.
o Social engineering- An attacker falsely convinces an individual that she has the necessary
authorization to access specific resources
Password checkers can be used to check the strength of the password by trying to break into the system
Passwords should be encrypted and hashed
Password aging should be implemented
No of logon attempts should be limited
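The password controls above (enforced composition requirements, hashed and salted storage, and a limit on logon attempts) can be seen working together in the added example below, which is not part of these notes. The minimum length, the PBKDF2 iteration count and the lockout threshold are assumptions chosen for illustration.

```python
"""Password controls: enforced composition policy, salted hashing of the
stored password, and a limit on logon attempts.

Added example, not from the course notes. The minimum length, iteration
count and attempt limit are assumptions chosen for illustration.
"""
import hashlib
import hmac
import os
import string

MIN_LENGTH = 12              # assumption: required number of characters
PBKDF2_ITERATIONS = 210_000  # assumption: work factor for the stored hash
MAX_ATTEMPTS = 5             # assumption: logon attempts before lockout


def check_policy(password):
    """Return the list of policy violations; an empty list means acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"fewer than {MIN_LENGTH} characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("must mix upper-case and lower-case letters")
    if not any(c.isdigit() for c in password):
        problems.append("must contain a digit")
    if not any(c in string.punctuation for c in password):
        problems.append("must contain a special character")
    return problems


def hash_password(password, salt=None):
    """Derive a slow, salted hash; the password file stores only salt and hash,
    so a stolen file does not directly reveal the passwords."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                                 PBKDF2_ITERATIONS)
    return salt, digest


class AuthenticationServer:
    """Minimal password file: user -> salt, hash and failed-attempt counter."""

    def __init__(self):
        self._records = {}

    def enroll(self, user, password):
        """Enforce the policy at enrolment; return violations (empty on success)."""
        problems = check_policy(password)
        if not problems:
            salt, digest = hash_password(password)
            self._records[user] = {"salt": salt, "hash": digest, "failures": 0}
        return problems

    def is_locked(self, user):
        record = self._records.get(user)
        return record is not None and record["failures"] >= MAX_ATTEMPTS

    def authenticate(self, user, password):
        """Recompute the hash with the stored salt and compare in constant time.
        A locked account is refused even when the password is correct."""
        record = self._records.get(user)
        if record is None or self.is_locked(user):
            return False
        _, digest = hash_password(password, record["salt"])
        if hmac.compare_digest(digest, record["hash"]):
            record["failures"] = 0
            return True
        record["failures"] += 1
        return False
```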
3. Cognitive Passwords
Cognitive passwords are facts or opinion-based information used to verify an individual's identity (e.g.:
mother's maiden name)
This is best used for helpdesk services, and occasionally used services.
4. One-Time or Dynamic Passwords
It is a token-based system used for authentication purposes where each password is used only once
It is used in environments that require a higher level of security than static password provides
Types of token generators
o Synchronous (e.g.: SecurID) - A synchronous token device/generator synchronizes with the
authentication service in one of two ways.
Time Based: In this method the token device and the authentication service must hold the
same time within their internal clocks. The time value on the token device and a secret key
are used to create a one-time password. The server decrypts this password and compares it to
the value that is expected.
Counter Based: In this method the user will need to initiate the logon sequence on the
computer and push a button on the token device. This causes the token device and the
authentication service to advance to the next authentication value. This value and a base
secret are hashed and displayed to the user. The user enters this resulting value along with a
user ID to be authenticated.
o Asynchronous: A token device that is using an asynchronous token-generating method uses a
challenge/response scheme to authenticate the user. In this situation, the authentication server
sends the user a challenge, a random value also called a nonce. The user enters this random value
into the token device, which encrypts it and returns a value that the user uses as a one-time
password. The user sends this value, along with a username, to the authentication server. If the
authentication server can decrypt the value and it is the same challenge value that was sent earlier,
the user is authenticated
Example: SecurID
o It is one of the most widely used time-based tokens, from RSA Security
o It uses time-based synchronous two-factor authentication
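Added example (not part of these notes or of any vendor's product) showing the three token mechanisms just described: a counter-based code, a time-based code derived from it, and an asynchronous challenge/response exchange. It follows the HOTP (RFC 4226) and TOTP (RFC 6238) constructions and uses their published test secret as constructed sample data; the server's look-ahead window and clock-skew allowance are assumptions.

```python
"""Synchronous (counter- and time-based) and asynchronous (challenge/response)
one-time passwords.

Added example, not from the course notes. Counter- and time-based codes follow
HOTP (RFC 4226) and TOTP (RFC 6238): a shared secret and a moving factor are
run through HMAC and truncated to a short decimal code. SECRET is the RFC test
secret, used here as constructed sample data.
"""
import hashlib
import hmac
import secrets
import struct

SECRET = b"12345678901234567890"  # provisioned into the token and kept on the server
TIME_STEP = 30                    # seconds per time-based counter value


def hotp(secret, counter, digits=6):
    """Counter-based code: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"


def totp(secret, unix_time, digits=6, step=TIME_STEP):
    """Time-based code: the counter is the number of time steps since the epoch,
    so token and server only need roughly synchronised clocks."""
    return hotp(secret, int(unix_time) // step, digits)


def verify_totp(secret, code, unix_time, skew_steps=1):
    """Server side: accept the current step and skew_steps on either side
    (assumption) to tolerate clock drift between token and server."""
    counter = int(unix_time) // TIME_STEP
    return any(hmac.compare_digest(hotp(secret, counter + d), code)
               for d in range(-skew_steps, skew_steps + 1))


class CounterServer:
    """Counter-based verification with a look-ahead window (assumption: 3).

    The server remembers the last counter it accepted and never accepts that
    value or an earlier one again, so a captured code cannot be replayed.
    """

    def __init__(self, secret, look_ahead=3):
        self.secret = secret
        self.last_used = -1
        self.look_ahead = look_ahead

    def verify(self, code):
        for c in range(self.last_used + 1, self.last_used + 1 + self.look_ahead):
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.last_used = c  # resynchronise and burn this counter value
                return True
        return False


def challenge():
    """Asynchronous scheme, step 1: server sends a random nonce."""
    return secrets.token_hex(8)


def response(secret, nonce):
    """Step 2: the token transforms the nonce with the shared secret (an HMAC
    here, where the notes describe the token as 'encrypting' the challenge)."""
    return hmac.new(secret, nonce.encode("ascii"), hashlib.sha256).hexdigest()[:8]


def verify_response(secret, nonce, answer):
    """Step 3: the server recomputes the expected answer for the nonce it sent."""
    return hmac.compare_digest(response(secret, nonce), answer)
```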
5. Cryptographic Keys
Uses private keys and Digital Signatures
Provides a higher level of security than passwords
6. Passphrase
A passphrase is a sequence of characters that is longer than a password and in some cases, takes the place
of a password during an authentication process.
The application transforms the passphrase into a virtual password in the format required by the
application
It is more secure than a password
7. Memory Cards
Holds information but cannot process it
More secure than passwords but costly
E.g.: Swipe cards, ATM cards
8. Smart Cards
Holds information and has the capability to process information and can provide a two factor authentication
(knows and has)
Categories of Smart Cards
o Contact
o Contactless
Hybrid- has 2 chips and supports both contact and contactless
Combi- has a single microprocessor that can communicate with both a contact and a contactless
reader.
More expensive and tamperproof than memory cards
Types of smartcard attacks
o Fault generation: Introducing computational errors into a smart card with the goal of uncovering
the encryption keys that are being used and stored on the card
o Side Channel Attacks: These are non-intrusive attacks and are used to uncover sensitive information
about how a component works without trying to compromise any type of flaw or weakness. The
following are some of the examples
Differential Power Analysis: Examining the power emissions that are released during
processing
Administrative
The administrative controls are defined by the top management in an organization.
Examples of Administrative Controls
Security policy
Monitoring and supervising
Separation of duties
Job rotation
Information classification
Personnel procedures
Investigations
Testing
Security-awareness and training
Separation of duties: The separation of duties should be enforced so that no one individual can carry out a
critical task alone that could prove to be detrimental to the company.
Example: A bank teller who has to get supervisory approval to cash checks over $2000 is an example of separation of
duties. For a security breach to occur, it would require collusion, which means that more than one person would need to
commit fraud, and their efforts would need to be concerted. The use of separation of duties drastically reduces the
probability of security breaches and fraud.
Rotation of duties means that people rotate jobs so that they know how to fulfill the obligations of more than
one position. Another benefit of rotation of duties is that if an individual attempts to commit fraud within his
position, detection is more likely to happen if there is another employee who knows what tasks should be
performed in that position and how they should be performed.
Supervisory Structure
Management must construct a supervisory structure which requires managers to be responsible
for their employees and take a vested interest in their activities. If an employee is caught hacking into a server that
holds customer credit card information, that employee and her supervisor will face the consequences.
Security-Awareness Training
This control helps users/employees understand how to properly access resources, why access controls are in
place and the ramifications of not using the access controls properly.
Testing
This control states that all security controls, mechanisms, and procedures are tested on a periodic basis to
ensure that they properly support the security policy, goals, and objectives set for them.
The testing can be a drill to test reactions to a physical attack or disruption of the network, a penetration test of
the firewalls and perimeter network to uncover vulnerabilities, a query to employees to gauge their knowledge,
or a review of the procedures and standards to make sure they still align with business or technology changes
that have been implemented.
Physical
Physical controls support and work with administrative and technical (logical) controls to supply the right degree of
access control.
Examples of Physical Control
Fences
Locks
Badge system
Security guard
Biometric system
Mantrap doors
Lighting
Motion detectors
Closed-circuit TVs
Alarms
Backups
Network Segregation
Network segregation can be carried out through physical and logical means. A section of the network may
contain web servers, routers, and switches, and yet another network portion may have employee workstations.
Each area would have the necessary physical controls to ensure that only the permitted individuals have access
into and out of those sections.
Perimeter Security
The implementation of perimeter security depends upon the company and the security requirements of that
environment.
One environment may require employees to be authorized by a security guard by showing a security badge that
contains picture identification before being allowed to enter a section. Another environment may require no
authentication process and let anyone and everyone into different sections.
Perimeter security can also encompass closed-circuit TVs that scan the parking lots and waiting areas, fences
surrounding a building, lighting of walkways and parking areas, motion detectors, sensors, alarms, and the
location and visual appearance of a building. These are examples of perimeter security mechanisms that provide
physical access control by providing protection for individuals, facilities, and the components within facilities.
Computer Controls
Each computer can have physical controls installed and configured, such as locks on the cover so that the
internal parts cannot be stolen, the removal of the floppy and CD-ROM drives to prevent copying of confidential
information, or implementation of a protection device that reduces the electrical emissions to thwart attempts
to gather information through airwaves.
Work Area Separation
Some environments might dictate that only particular individuals can access certain areas of the facility.
Data Backups
Backing up data is a physical control to ensure that information can still be accessed after an emergency or a
disruption of the network or a system.
Cabling
There are different types of cabling that can be used to carry information throughout a network.
Some cable types have sheaths that protect the data from being affected by the electrical interference of other
devices that emit electrical signals.
Some types of cable have protection material around each individual wire to ensure that there is no crosstalk
between the different wires.
All cables need to be routed throughout the facility in a manner that is not in people’s way or that could be
exposed to any danger of being cut, burnt, crimped, or eavesdropped upon.
Control Zone
It is a specific area that surrounds and protects network devices that emit electrical signals. These electrical
signals can travel a certain distance and can be contained by a specially made material, which is used to
construct the control zone.
The control zone is used to resist penetration attempts and disallow sensitive information to “escape” through
the airwaves.
A control zone is used to ensure that confidential information is contained and to hinder intruders from
accessing information through the airwaves.
Companies that have very sensitive information would likely protect that information by creating control zones
around the systems that are processing that information
Technical
Technical controls, also called logical controls, are the software tools used to restrict a subject's access to objects. They can be core
OS components, add-on security packages, applications, network hardware devices, protocols, encryption mechanisms, and access
control matrices.
They protect the integrity and availability of resources by limiting the number of subjects that can access them and
protect the confidentiality of resources by preventing disclosure to unauthorized subjects.
Encryption
Audit logs
IDS
Antivirus software
Firewalls
Smart cards
Dial-up call-back systems
Alarms and alerts
System Access
In this type, control of access to resources is based on the sensitivity of data, the clearance level of users, and the user's
rights and permissions. Technical controls for system access can be a username and password, a Kerberos
implementation, biometrics, PKI, RADIUS, TACACS or authentication using smart cards.
Network Access
This control defines the access control mechanism to access the different network resources like the routers,
switches, firewalls, bridges etc.
Encryption and protocols
These controls are used to protect information as it passes throughout a network and resides on computers. They
preserve the confidentiality and integrity of data and enforce specific paths for communication to take place.
Auditing
These controls track activity within a network, on a network device or on a specific computer. They help to point out
weaknesses in other technical controls so that the necessary changes can be made.
Network Architecture
This control defines the logical and physical layout of the network, and also the access control mechanisms
between different network segments.
Access Control Types
Each of the access control categories (administrative, physical and technical) works at a different level and a different
degree of granularity, and performs different functions depending on its type.
The different types of access control are
Preventative- Avoid undesirable events from occurring
Detective- Identify undesirable events that have occurred
Corrective- Correct undesirable events that have occurred
Deterrent- Discourage security violations
Recovery- Restore resources and capabilities
Compensative- Provide alternatives to other controls
Denial of Service(DoS/DDoS)
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to
make a computer resource unavailable to its intended users. Although the means to, motives for, and targets of
a DoS attack may vary, it generally consists of the concerted, malevolent efforts of a person or persons to
prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.
The purpose of DoS attacks is to force the targeted computer(s) to reset, or to consume their resources so that they can
no longer provide their intended service.
Buffer Overflows
A buffer overflow is an anomalous condition where a process attempts to store data beyond the boundaries of a
fixed-length buffer. The result is that the extra data overwrites adjacent memory locations. The overwritten data
may include other buffers, variables and program flow data and may cause a process to crash or produce
incorrect results. Overflows can be triggered by inputs specifically designed to execute malicious code or to make the
program operate in an unintended way. As such, buffer overflows cause many software vulnerabilities and form
the basis of many exploits.
Malicious Software
Password Crackers
Spoofing/Masquerading
A spoofing attack is a situation in which one person or program successfully masquerades as another by
falsifying data and thereby gaining an illegitimate advantage.
Popular Spoofing Techniques
o Man-in-the-middle attack (MITM): An attack in which an attacker is able to read, insert and modify at will
messages between two parties without either party knowing that the link between them has been
compromised. The attacker must be able to observe and intercept messages going between the two
victims
o IP address spoofing: refers to the creation of IP packets with a forged (spoofed) source IP address with
the purpose of concealing the identity of the sender or impersonating another computing system.
o URL spoofing: A spoofed URL describes one website that poses as another
o Phishing: An attempt to criminally and fraudulently acquire sensitive information, such as usernames,
passwords and credit card details, by masquerading as a trustworthy entity in an electronic
communication.
o Referrer spoofing: It is the sending of incorrect referrer information along with an HTTP request,
sometimes with the aim of gaining unauthorized access to a web site. It can also be used because of
privacy concerns, as an alternative to sending no referrer at all.
o Spoofing of file-sharing networks: Polluting the file-sharing networks where record labels share files that
are mislabeled, distorted or empty to discourage downloading from these sources.
o Caller ID spoofing: This allows callers to lie about their identity, and present false names and numbers,
which could of course be used as a tool to defraud or harass
o E-mail address spoofing: A technique commonly used for spam e-mail and phishing to hide the origin of
an e-mail message by changing certain properties of the e-mail, such as the From, Return-Path and
Reply-To fields.
o Login spoofing: A technique used to obtain a user's password. The user is presented with an ordinary
looking login prompt for username and password, which is actually a malicious program, usually called a
Trojan horse, under the control of the attacker. When the username and password are entered, this
information is logged or in some way passed along to the attacker, breaching security.
Emanations
All electronic devices emit electrical signals. These signals can hold important information, and if an attacker
buys the right equipment and positions himself in the right place, he could capture this information from the
airwaves and access data transmissions as if he had a tap directly on the network wire.
Shoulder Surfing
Shoulder surfing refers to using direct observation techniques, such as looking over someone's shoulder, to get
information. Shoulder surfing is particularly effective in crowded places because it's relatively easy to observe
someone as they:
o Fill out a form
o Enter their PIN at an automated teller machine or a POS Terminal
o Use a calling card at a public pay phone
o Enter passwords at a cybercafe, public and university libraries, or airport kiosks.
o Enter a digit code for a rented locker in a public place such as a swimming pool or airport.
Shoulder surfing can also be done at a distance using binoculars or other vision-enhancing devices. Inexpensive,
miniature closed-circuit television cameras can be concealed in ceilings, walls or fixtures to observe data entry.
To prevent shoulder surfing, it is advised to shield paperwork or the keypad from view by using one's body or
cupping one's hand.
Recent automated teller machines now have a sophisticated display which discourages shoulder surfers. It
grows darker beyond a certain viewing angle, and the only way to tell what is displayed on the screen is to stand
directly in front of it.
Certain models of credit card readers have the keypad recessed, and employ a rubber shield that surrounds a
significant part of the opening towards the keypad. This makes shoulder-surfing significantly harder, as seeing
the keypad is limited to a much more direct angle than previous models. Taken further, some keypads alter the
physical location of the keys after each keypress. Also, security cameras are not allowed to be placed directly
above an ATM.
Object Reuse
Object reuse issues pertain to reassigning to a subject media that previously contained one or more objects.
The sensitive information that may be left by a process should be securely cleared before allowing another
process the opportunity to access the object. This ensures that information not intended for this individual or
any other subject is not disclosed.
For media that holds confidential information, more extreme methods should be taken to ensure that the files
are actually gone, not just their pointers.
Data Remanence
Data remanence is the residual representation of data that has in some way been nominally erased or
removed. This residue may be due to data being left intact by a nominal delete operation, or through physical
properties of the storage medium.
Data remanence may make inadvertent disclosure of sensitive information possible, should the storage media
be released into an uncontrolled environment.
Backdoor/Trapdoor
A backdoor is a malicious computer program, or a particular means, that provides the attacker with unauthorized
remote access to a compromised system by exploiting vulnerabilities of installed software and bypassing normal
authentication.
A backdoor works in the background and hides from the user. It is very similar to a virus and therefore is quite
difficult to detect and completely disable.
A backdoor is one of the most dangerous parasite types, as it allows a malicious person to perform any possible
actions on a compromised computer. The attacker can use a backdoor to
o spy on a user,
o manage files,
o install additional software or dangerous threats,
o control the entire system including any present applications or hardware devices,
o shutdown or reboot a computer or
o attack other hosts.
Often a backdoor has additional harmful capabilities like keystroke logging, screenshot capture, file infection,
even total system destruction or other payload. Such a parasite is a combination of different privacy and security
threats, which works on its own and does not need to be controlled at all.
Most backdoors are autonomous malicious programs that must somehow be installed on a computer. Some
parasites do not require installation, as their parts are already integrated into particular software running on
a remote host. Programmers sometimes leave such backdoors in their software for diagnostics and
troubleshooting purposes. Hackers often discover these undocumented features and use them to break into the
system.
Dictionary Attacks
Dictionary attacks are launched by programs which are fed lists (dictionaries) of commonly used words or
combinations of characters, and then compare these values to captured passwords.
Once the right combination of characters is identified, the attacker can use this password to authenticate herself
as a legitimate user.
Sometimes the attacker can even capture the password file using this kind of activity.
Bruteforce Attacks
Brute force is defined as “trying every possible combination until the correct one is identified.”
The most effective way to uncover passwords is through a hybrid attack, which combines a dictionary attack and
a brute force attack.
A brute force attack is also known as an exhaustive attack.
These are usually used for wardialing in hopes of finding a modem that can be exploited to gain unauthorized
access.
Social Engineering
Social engineering is a collection of techniques used for manipulation of the natural human tendency to trust in
order to obtain information that will allow a hacker to gain unauthorized access to a valued system and the
information that resides on that system.
Forms of a Social engineering attack
o Physical: the workplace, the phone, your trash (dumpster diving), and even on-line
o Psychological: Persuasion
o Reverse Social Engineering
Access Control Models
An access control model is a framework that dictates how subjects access objects.
It uses access control technologies and security mechanisms to enforce the rules and objectives of the model.
There are three main types of access control models:
o Discretionary,
o Mandatory, and
o Nondiscretionary (also called role-based).
Discretionary Access Control
The control of access is based on the discretion (wish) of the owner
A system that uses DAC enables the owner of the resource to specify which subjects can access specific
resources
The most common implementation of DAC is through ACLs, which are dictated and set by the owners and
enforced by the OS.
Examples: Unix, Linux, Windows access control is based on DAC
DAC systems grant or deny access based on the identity of the subject. The identity can be user identity or a
group identity (Identity based access control)
Mandatory Access Control
This model is very structured and strict and is based on a security label (also known as a sensitivity label) attached
to all objects.
The subjects are given security clearance by classifying the subjects (as secret, top secret, confidential, etc.), and
the objects are also classified similarly.
The clearance and the classification data are stored in the security labels, which are bound to the specific subject
and object.
When the system makes a decision about fulfilling a request to access an object, the decision is based on the clearance of
the subject, the classification of the object and the security policy of the system.
This model is used in, and is suitable for, military systems where classification and confidentiality are of utmost
importance.
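The two decision rules described above, DAC (owner-set ACLs, identity-based) beside MAC (label-based, policy-driven), as an added example in Python that is not part of the lecture notes. All subjects, resources and labels are constructed sample data; the MAC policy used is the classic "no read up, no write down" rule, which is an assumption since the notes name no specific policy.

```python
"""Added example: minimal DAC and MAC access decisions (constructed data)."""
from dataclasses import dataclass, field

# Ordered classifications, lowest to highest (constructed ordering for this example).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass
class Subject:
    name: str
    groups: set = field(default_factory=set)   # group identities the subject holds
    clearance: str = "unclassified"            # MAC security label of the subject


@dataclass
class Resource:
    owner: str                                 # DAC: the owner controls the ACL
    classification: str                        # MAC security label of the object
    # DAC: ACL entries set by the owner: identity (user or group) -> permitted operations
    acl: dict = field(default_factory=dict)


def dac_allows(subject: Subject, resource: Resource, op: str) -> bool:
    """DAC: the owner always has access; anyone else is checked against the owner's ACL
    by user identity or by any group identity (identity-based access control)."""
    if subject.name == resource.owner:
        return True
    identities = {subject.name} | subject.groups
    return any(op in resource.acl.get(ident, set()) for ident in identities)


def dac_grant(actor: Subject, resource: Resource, ident: str, op: str) -> bool:
    """DAC: only the owner may change the ACL (the OS enforces what the owner set)."""
    if actor.name != resource.owner:
        return False
    resource.acl.setdefault(ident, set()).add(op)
    return True


def mac_allows(subject: Subject, resource: Resource, op: str) -> bool:
    """MAC: decision from subject clearance, object classification and a fixed policy.
    Assumed policy: read only at or below clearance, write only at or above it."""
    clearance = LEVELS[subject.clearance]
    classification = LEVELS[resource.classification]
    if op == "read":
        return clearance >= classification
    if op == "write":
        return clearance <= classification
    return False
```

Under MAC the owner of an object cannot loosen its label, so a subject with a lower clearance is refused even if a DAC ACL would have let them read.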
Accounting 503 CIS Audit
Communication Software
Communication software is an application or program designed to pass information from one system to another. Such
software provides remote access to systems and transmits files in a multitude of formats between
computers. Communication software forms a part of communication systems, with software components classified
according to functions within the Open Systems Interconnection Model (OSI Model). The best defined examples of
communication software are file transfer protocol (FTP), messaging software and email.
The concept of emailing can be traced back to the early 1960s as a way of communication for multiple users of time
sharing mainframe computers. In 1970, text chat functionality followed emailing and appeared on bulletin board
systems and multiuser computer systems. In the 1980s, the terminal emulator, a piece of software to log into
mainframes and access email, was introduced. The first decentralized chat system was the Bitnet Relay of 1985. Minitel
was yet another well-known chat system introduced at the same time. The CU-SeeMe chat system was the first
equipped with a video camera.
Instant messaging, with a buddy list and the idea of an online presence, was introduced in 1996. More recently, Voice over
Internet Protocol (VoIP) is on the short list of popular communication software. VoIP allows users to make phone calls
through the Internet at a convenient cost.
File Transfer Protocol (FTP) is a client/server protocol used for transferring files to or exchanging files with a host
computer. It may be authenticated with user names and passwords. Anonymous FTP allows users to access files,
programs and other data from the Internet without the need for a user ID or password. Web sites are sometimes
designed to allow users to use 'anonymous' or 'guest' as a user ID and an email address as a password. Publicly available
files are often found in a directory called pub and can be easily FTPed to a user’s computer. FTP is also the Internet
standard for moving or transferring files from one computer to another over TCP/IP networks.
The original FTP specification was written by Abhay Bhushan and published as RFC 114 on April 16, 1971. This was later
replaced by RFC 765 (June 1980). The current specification is RFC 959 (October 1985). RFC stands for request for
comments.
The first FTP client applications used the DOS command prompt with standardized commands and syntax. Since then,
many graphical user interface (GUI) clients have been developed within operating systems, making it easier for the user
to upload and download files.
Data is more secure and faster with private networks, but the costs are much higher. For the purpose of a
communication system with very low cost, VoIP was introduced. This technology provides fast and high quality voice
communication all over the world.
The Open Systems Interconnection (OSI) Model is a conceptual and logical layout that defines network communication
used by systems open to interconnection and communication with other systems.
The model is broken into seven subcomponents, or layers, each of which represents a conceptual collection of services
provided to the layers above and below it. The OSI Model also defines a logical network and effectively describes
computer packet transfer by using different layer protocols.
The OSI Model may also be referred to as the seven-layer OSI Model.
The OSI Model was developed by the International Organization for Standardization (ISO) in 1978. While working on a
network framework, ISO decided to develop the seven-layer model.
OSI’s seven layers are divided into two portions: host layers and media layers. The host portion includes the application,
presentation, session and transport layers; the media portion includes the network, data link and physical layers.
The OSI Model works in a hierarchy, assigning tasks to all seven layers. Each layer is responsible for performing assigned
tasks and transferring completed tasks to the next layer for further processing. Today, many protocols are developed
based on the OSI Model working mechanism.