Operating System and Web Security: Study Notes, Schemes and Mind Maps of Information Security and Markup Languages

An overview of operating system and web security, covering topics such as security features of modern operating systems, patch management, system hardening, web security threats, https, secure web application development, and common web security tools. It includes practical examples and best practices for securing systems and websites, making it a useful resource for students and professionals in the field of cybersecurity. Structured to provide a clear understanding of the fundamental concepts and techniques involved in protecting systems and data from various threats. It also highlights the importance of staying updated with the latest security measures and tools to ensure robust protection against evolving cyber threats. This study note is useful for university students.

Typology: Schemes and Mind Maps

2024/2025

Available from 09/07/2025

sage-29
sage-29 🇮🇳

5 documents

1 / 4

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Notes on Operating System and Web Security
Study Notes
May 14, 2025
Contents
1 Operating System Security ............................ 2
1.1 Security Features of Modern Operating Systems ............ 2
1.2 Patch Management .............................. 2
1.3 System Hardening ............................... 2
2 Web Security ..................................... 3
2.1 Web Security Threats ............................. 3
2.2 HTTPS ...................................... 3
2.3 Secure Web Application Development ................... 4
2.4 Common Web Security Tools ........................ 4
3 Conclusion ...................................... 4
1
pf3
pf4

Partial preview of the text

Download Operating System and Web Security: Study Notes and more Schemes and Mind Maps Information Security and Markup Languages in PDF only on Docsity!

Notes on Operating System and Web Security

 - May 14, Study Notes 
  • 1 Operating System Security Contents
    • 1.1 Security Features of Modern Operating Systems
    • 1.2 Patch Management
    • 1.3 System Hardening
  • 2 Web Security
    • 2.1 Web Security Threats
    • 2.2 HTTPS
    • 2.3 Secure Web Application Development
    • 2.4 Common Web Security Tools
  • 3 Conclusion

1 Operating System Security

Operating System (OS) security involves protecting the OS from threats and en- suring it runs safely. Modern operating systems like Windows, Linux, and ma- cOS have built-in security features to protect data, manage updates, and harden systems against attacks.

1.1 Security Features of Modern Operating Systems

Modern OSs come with tools to keep systems secure. Here are some key features:

  • Firewalls : Block unauthorized network access. For example, Windows Firewall filters incoming and outgoing traffic.
  • / User Account Control (UAC): In Windows, UAC asks for permission before allowing apps to make system changes, preventing malware.
  • File Encryption : Tools like BitLocker (Windows) or FileVault (macOS) en- crypt data to protect it if a device is stolen.
  • Antivirus Integration : Windows Defender in Windows scans for malware in real-time.
  • Access Controls : Linux uses permissions (read, write, execute) to control who can access files or folders.

1.2 Patch Management

Patch management is the process of updating software to fix security issues or bugs.

  • Why It’s Important : Hackers exploit known vulnerabilities in outdated software. Patches close these gaps.
  • How It Works : OSs like Windows and Linux release updates regularly. For example, Windows Update automatically downloads patches.
  • Best Practices : - Enable automatic updates to stay protected. - Test patches on a small system before applying them everywhere. - Monitor vendor websites (e.g., Microsoft, Ubuntu) for security advi- sories.

1.3 System Hardening

System hardening means making an OS more secure by reducing vulnerabilities.

  • Example : Websites with https:// show a padlock in browsers, indicating safety.
  • Best Practice : Always use HTTPS for websites handling sensitive data.

2.3 Secure Web Application Development

Building secure web apps prevents attacks. Key practices include:

  • Input Validation : Check all user inputs to block malicious code (e.g., pre- vent SQL injection).
  • Use Secure APIs : Use trusted libraries and frameworks like React or Django with built-in security.
  • Session Management : Use secure cookies and short session timeouts to protect user sessions.
  • Regular Testing : Test apps for vulnerabilities during development using tools like OWASP ZAP.
  • Example : Sanitize user inputs in a web form to prevent XSS attacks.

2.4 Common Web Security Tools

These tools help identify and fix web security issues:

  • Burp Suite : Scans web apps for vulnerabilities like SQL injection or XSS.
  • OWASP ZAP : An open-source tool for testing web app security during de- velopment.
  • Wireshark : Analyzes network traffic to detect suspicious activity.
  • Metasploit : A penetration testing tool to find and exploit vulnerabilities.
  • Example Use : Run OWASP ZAP to scan a website and generate a report of potential risks.

3 Conclusion

Operating system security and web security are critical for protecting systems and data. Modern OSs use firewalls, encryption, and updates to stay secure, while patch management and system hardening reduce risks. Web security in- volves defending against threats like XSS and SQL injection, using HTTPS, secure coding, and tools like Burp Suite. Understanding and applying these concepts ensures safer systems and websites.