Previous Page
Next Page

Chapter 4. User and Security Administration


The following objectives for Exam CX-310-200 are covered in this chapter:

Explain and perform Solaris 10 OS user administration, and manage user accounts and initialization files.

  • You need to know how to use the commands and utilities to set up user accounts, and you need to understand which files are configured and how the information is formatted in those files.

    When you set up user accounts, you can customize each user's session by using initialization files that are run each time the user logs in. This chapter describes how to administer each initialization file.

Monitor system access by using appropriate commands.

  • You also need to control access to the operating system via user logins. Only users who have active logins should have access to the system. You need to control the level of access that each user will have. In addition to controlling system access, you need to monitor the system for unauthorized use.

Perform system security administration tasks by switching users on a system, and by becoming root and monitoring su attempts.

  • Users sometimes obtain logins and passwords from other users. You need to monitor the system for any user that may be switching to a user account that they have not been authorized to usethis includes monitoring unauthorized use of the root account.

Control system security through restricting FTP access and using /etc/hosts.equiv and $HOME/.rhosts files and SSH fundamentals.

  • You need to understand the vulnerabilities that are presented to your system by network services such as FTP, Telnet, and other forms of remote access. You need to restrict access to these facilities and ensure that unauthorized users do not gain access to your system over the network via an unsecured network service.

Restrict access to data in files through the use of group membership, ownership, and special file permissions.

  • As a system administrator, you need to be able to assign access to directories and files by using the standard Solaris permissions scheme. Understanding this permission scheme and applying it to user and group IDs is necessary for controlling access to critical system data.

Previous Page
Next Page