Critical Analysis: Windows System Security Goals and Auditing

Verified

Added on 2022/08/12

AI Summary

This essay provides a comprehensive analysis of Windows system security, addressing key aspects such as security goals, auditing practices, and control measures. It begins by outlining the primary objectives of information security systems, emphasizing the importance of data confidentiality, availability, and integrity within the Windows operating system. The essay then delves into how to assess whether a system is meeting its security goals, exploring the functionality of access controls like Windows Defender Smart Screen, User Account Control, and Microsoft BitLocker. Furthermore, it details various auditing practices and procedures that organizations can implement, including the configuration of Windows Audit Policies to monitor account logon events, account management, access to Active Directory, and object access. The essay also underscores the significance of tracking changes in policies, processes, privilege use, and system events to maintain a robust security posture. By integrating these elements, the essay provides a practical guide for securing enterprise infrastructure and aligning security measures with business processes.

Running head: SYSTEM SECURITY AT WINDOWS
SYSTEM SECURITY AT WINDOWS
Name of the student:
Name of the university:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1SYSTEM SECURITY AT WINDOWS
Abstract
The organizations are bend to make their security systems strengthened nowadays in order to
protect their most important asset, their information. Security is applied on the systems,
operations as well as the internal controls, in order to maintain the integrity and
confidentiality of data. The hackers nowadays also incorporate different smart techniques to
cause damage to the malicious codes and extract important data from the information
systems. Hence, in this report, the security goals of the Windows Operating System are
discussed thoroughly such that the organizations can align these goals with their business
process before incorporating the system. Moreover, the control measures for the different
features of Microsoft Windows are included to check how these controls functions properly
for implementing security of the organization. Finally, in the last section of the paper the
security tools and audit principles are revised for an organization to function efficiently with
the Windows Operating System.

2SYSTEM SECURITY AT WINDOWS
Table of Contents
Introduction................................................................................................................................3
How do you know if your system is meeting your security goals?...........................................3
You can verify that controls are working, but how do you know if they are getting the job
done?..........................................................................................................................................4
What auditing practices or procedures would you implement for your organization? Why?. . .5
Conclusion..................................................................................................................................7
References..................................................................................................................................8

3SYSTEM SECURITY AT WINDOWS
Introduction
The aim of the Information Security Systems of an organization is to safeguard the
data of the organization and allow access to it only to the relevant users. The Information
Systems are based on certain operating Systems like the Windows Operating System that has
in-built access controls that allows the specific users to get access to particular type of data
(Solomon, 2019). These security measures are also responsible for preventing security breach
by implementing Windows Defender Firewalls, strong encryption methods and so on. The
main purpose of the security policies and controls is to maintain the data consistency and
integrity of the system. This paper will discuss the security goals of Windows in details, the
functionality of the access controls and the auditing practices that will be beneficial for the
organization.
How do you know if your system is meeting your security goals?
The Operating Systems of an organization are not only responsible for accomplishing
the software functionalities, but also maintain privacy and confidentiality of data. The three
major goals of Windows Operating System is to maintain:
 Data Confidentiality
 Data Availability
 Data Integrity
Confidentiality of data is referred to maintaining privacy of the data from
unauthorized access. A system should be highly proficient in securing the data from users
who do not possess the validation of getting access to it. View of Data should be classified
into three levels such as the physical level, the logical level and the view level, according to
which the users should get access to the data. The encryption methods and firewalls are the
barriers that prevent the data from being hacked by the hackers (Jain, Sharma & Gupta,

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4SYSTEM SECURITY AT WINDOWS
2016). Hence, an operating system should be efficient in maintaining the data confidentiality
from different types of users.
Again, data availability is another major criterion by which the security goals of the
system can be justified. The data availability models should incorporate features like Denial
of Service (DoS) such that if any unauthorized user tries to get access to any data, he will be
denied straightaway from such access. In addition, system alerts should work immediately
such that the authorized users can receive notifications about data being hacked. In this way,
a system will be efficiently securing its data from unintentional attacks (Henttunen, 2018).
There might be instances of natural disasters that will lead to crash of system, making data
availability a major concern. Hence, a secured system should address this challenge of data
availability at such situations.
Lastly, the data integrity is the criterion by which the consistency of data is verified
both before and after a certain operation. After batch transactions, the data should be intact as
before to meet the security goals of the system (Riaz et al., 2016). Hence, unauthorised access
should be prevented by the security system in order to prevent unnecessary modifications to
programs. The integrity models of the security system should also maintain the internal as
well as the external consistency of the data and the programs of the system.
Thus, while protecting an information system of an organization, the three goals of
confidentiality, availability and integrity should be met in creating the security policies and
procedures.
You can verify that controls are working, but how do you know if they are
getting the job done?
Enterprises nowadays face common hacking problems such as ransom ware, phishing
attacks, key loggers, spyware and so on. Hence, an organization should implement various

5SYSTEM SECURITY AT WINDOWS
control measures in their security system and embark on a comprehensive security procedure
to combat the issues of data leakage and hacking (Westland, 2020). Windows Operating
System incorporates various security control features that helps the systems of an
organization highly secured. For instance, the Windows Defender Smart Screen is a multiple
layer of defence against phishing attacks and is one of the best malware protection strategies
of the operating system (Berghel, 2017). It prevents the employees to download files that
contain virus and thus prevents the system from getting affected. It is detected by the fake
advertisements, fraud sites and so on. Thus, if there are no more display of such
advertisements or pop-ups, one can be sure that the smart screen control feature is working
well for the systems.
User Account Control is another control feature of Windows Operating system that
deploys an efficiently managed desktop to its users. The tasks and programs are run in the
non-administrator account unless the system administrator allows to administrator-level
access to the system. This feature allows the user to block automatic installations. Hence, if a
user can have control on its updates and can have a control over the change of settings; it
means that the control feature is working well. Microsoft Bit locker is another control feature
to provide security to the files and folders of the system (Morris, Becker & Parkin, 2019). It
does not allow any unauthorised access, and makes sure that the data is inaccessible if the
system is decommissioned or recycled. Hence, if there is no loss of data, it means that the
system is tightly secured with strong security systems.
What auditing practices or procedures would you implement for your
organization? Why?
The Windows Audit Policy is a compilation of the compliances and the regulations
that has to be met while incorporating Windows Operating System within an organization to

6SYSTEM SECURITY AT WINDOWS
ensure the strengthened security of the systems in the organization. Hence, to set up the
Windows Audit Policies, an organization at first need to have an Active Directory deployed
in their system for better security system (Turner & Galloway, 2019). Changes made to the
policies should be permissible because that will grant the changes in policies according to the
situations and circumstances.
The Audit Policy Configuration for Windows should incorporate the following
metrics for Windows Security event log:
Account Logon Events: Auditing Logon events, the organization can check the access time of
the employees to their systems and keep a track when they are logging off from their systems.
These logon events are tracked and kept in the security log of the domain controller as a
record.
Account Management: If certain changes are made to the users, groups or the administrative
accounts, these events are tracked down from the machines and managed accordingly as
incorporated in the policy (Leppänen, 2017).
Access to Active Directory: The access to the Active Directory is another section that should
be included in the policy to keep a track about the users who have an access to the directory.
Logon Events: If a user is logging into an event and again logging out of that, it is tracked
down by the Logon events and the data is securely stored for further use.
Access to Objects: Printers, files and folders are considered the objects of the system. Hence,
access to those objects should be audited according to the policy of the Windows Operating
System (Tixteco et al., 2016).
Change in Policies: Changes in policies should be granted that would help to renew audit
policies, trust policies or changes made to user rights.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7SYSTEM SECURITY AT WINDOWS
Tracking of Process: The wanted as well as the unwanted processes are tracked down by this
section of the audit policy that includes the initiation of a process, halt of a process and so on.
Privilege Use: Privilege to services such as accessing objects or systems should be tracked by
this part of the policy.
System Events: Events of logging in an out of the operating systems along with security
events should also be incorporated in the policy.
Conclusion
Security is the integral part of any operating system because it facilitates with the
privacy of the system and its components. Any organization will look for the security features
like firewall protection or encryption methods in their operating system such that they can
gain confidence about data confidentiality, integrity and availability. Hence, Windows
Operating System is successful in its venture of providing security enhancements to the
organizations through its various security features. The policies of Windows are also flexible
to be implemented for the security and audit purpose for any organization.

8SYSTEM SECURITY AT WINDOWS
References
Berghel, H. (2017). A Quick Take on Windows Security Evolution. Computer, 50(5), 120-
124.
Henttunen, K. (2018). Automated hardening and testing CentOS linux 7: security profiling
with the USGCB baseline.
Jain, A., Sharma, B., & Gupta, P. (2016). Internet of things: Architecture, security goals, and
challenges—a survey. International journal of innovative research in science and
engineering, 2(4), 154-163.
Leppänen, T. (2017). Practical implementation of Windows end-point security controls:
Facing the KATAKRI requirements.
Morris, J., Becker, I., & Parkin, S. (2019, February). In Control with no Control: Perceptions
and Reality of Windows 10 Home Edition Update Features. In Proc. USEC (Vol.
2019). NDSS Symposium.
Riaz, M., Stallings, J., Singh, M. P., Slankas, J., & Williams, L. (2016, September). DIGS: A
framework for discovering goals for security requirements engineering.
In Proceedings of the 10th ACM/IEEE International Symposium on Empirical
Software Engineering and Measurement (pp. 1-10).
Solomon, M. G. (2019). Security strategies in windows platforms and applications. Jones &
Bartlett Learning.
Tixteco, M. D. C. P., Tixteco, L. P., Pérez, G. S., & Toscano, L. K. (2016). Intrusion
Detection Using Indicators of Compromise Based on Best Practices and Windows
Event Logs. In Cimp 2016: the eleventh international conference on internet
monitoring and protection.

9SYSTEM SECURITY AT WINDOWS
Turner, J. E., & Galloway, A. E. (2019). Discovering Cyber Indicators of Compromise on
Windows OS 10 Clients Using PowerShell and the. Net Framework. Naval
Postgraduate School Monterey United States.
Westland, J. C. (2020). The information content of sarbanes-oxley in predicting security
breaches. Computers & Security, 90, 101687.