Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Enterprise Cloud Security and Governance Efficiently set data protection and privacy principles

Product type Paperback

Published in Dec 2017

Publisher Packt

ISBN-13 9781788299558

Length 410 pages

Edition 1st Edition

Tools

Ansible

Concepts

Cloud Security

Author (1):

Zeal Vora

View More author details

Table of Contents (11) Chapters

Preface

1. The Fundamentals of Cloud Security FREE CHAPTER

2. Defense in Depth Approach

3. Designing Defensive Network Infrastructure

4. Server Hardening

5. Cryptography Network Security

6. Automation in Security

7. Vulnerability, Pentest, and Patch Management

8. Security Logging and Monitoring

9. First Responder

10. Best Practices

SELinux

Most system administrators generally work only with basic Discretionary Access Control (DAC) to control the permission of files and directories. On the operating system that uses DAC, the user can control the permissions of the files, typically via chmod or chown commands.

However, just relying on discretionary access control is not adequate, especially at an enterprise level. There needs to be a more granular refinement in permissions. Let's look into one such use case where DAC will not help:

Every program run by the user inherits all the permissions of the user. There are many programs such as Apache that must run as root user. In such a case, Apache will inherit all the permissions of the root user. Since Apache is a web server and lots of people outside your network will communicate with it to see web pages, if a malicious hacker compromises the Apache process...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Vora

Zeal Vora works as a DevSecOps Engineer primarily in the area of Defensive Security. He spends his days protecting and implementing security controls to help mitigate attacks both on the Cloud and servers. He is actively involved in security consultation, helping various startups which have been breached to overcome the breach and start again with a secure infrastructure.

See other products by Vora