UNIT-V

System Protection: Goals of protection

1 What is System Protection? Explain in detail the Goals of Protection[7M] [SET -1][Dec
2023]

Principles of Protection

• The principle of least privilege dictates that programs, users, and systems be given just
enough privileges to perform their tasks.
• This ensures that failures do the least amount of harm and allow the least of harm to be
done.
• For example, if a program needs special privileges to perform a task, it is better to make
it a SGID program with group ownership of "network" or "backup" or some other
pseudo group, rather than SUID with root ownership. This limits the amount of damage
that can occur if something goes wrong.
• Typically each user is given their own account, and has only enough privilege to modify
their own files.
• The root account should not be used for normal day to day activities - The System
Administrator should also have an ordinary account, and reserve use of the root account
for only those tasks which need the root privileges

Goals of Security System

There are several goals of system security. Some of them are as follows:

1. Integrity
Unauthorized users must not be allowed to access the system's objects,
and users with insufficient rights should not modify the system's critical files
and resources.

2. Secrecy
The system's objects must only be available to a small number of
authorized users. The system files should not be accessible to everyone.

3. Availability

All system resources must be accessible to all authorized users, i.e., no single user/process should be
able to consume all system resources. If such a situation arises, service denial may occur. In this
case, malware may restrict system resources and preventing legitimate processes from accessing
them

Principles and domain of protection

2 Explain the Domain protection mechanism in detail[7M] [SET -1][Dec 2022]
Principles of Protection

• The principle of least privilege dictates that programs, users, and systems be given just
enough privileges to perform their tasks.
• This ensures that failures do the least amount of harm and allow the least of harm to be
done.
• For example, if a program needs special privileges to perform a task, it is better to make
it a SGID program with group ownership of "network" or "backup" or some other
pseudo group, rather than SUID with root ownership. This limits the amount of damage
that can occur if something goes wrong.
• Typically each user is given their own account, and has only enough privilege to modify
their own files.
• The root account should not be used for normal day to day activities - The System
Administrator should also have an ordinary account, and reserve use of the root account
for only those tasks which need the root privileges

Domain of Protection

• A computer can be viewed as a collection of processes and objects (both HW & SW).
• The need to know principle states that a process should only have access to those
objects it needs to accomplish its task,.
• The modes available for a particular object may depend upon its type.

Domain Structure

• A protection domain specifies the resources that a process may access.

• Each domain defines a set of objects and the types of operations that may be invoked
on each object.
• An access right is the ability to execute an operation on an object.
• A domain is defined as a set of < object, { access right set } > pairs, as shown below.
Note that some domains may be disjoint while others overlap.

Figure - System with three protection domains.

• The association between a process and a domain may be static or dynamic.

o If the association is static, then the need-to-know principle requires a way of
changing the contents of the domain dynamically.
o If the association is dynamic, then there needs to be a mechanism for domain
switching.
Access matrix

3 Explain the implementation of access control list and access control

matrix[7M] [SET -3][Dec 2023]

Access Matrix

The Access Matrix is a security model for a computer system's protection state.An
access matrix is used to specify the permissions of each process running in the domain for each
object. The rows of the matrix represent domains, whereas the columns represent objects.
Every matrix cell reflects a set of access rights granted to domain processes, i.e., each entry (i,
j) describes the set of operations that a domain Di process may invoke on object Oj.

There are various methods of implementing the access matrix in the operating system.
These methods are as follows:

1. Global Table

2. Access Lists for Objects

3. Capability Lists for Domains

4. Lock-Key Mechanism

Global Table

It is the most basic access matrix implementation. A set of ordered triples <domain,
object, rights-set> is maintained in a file. When an operation M has been performed on an
object Oj within domain Di, the table is searched for a triple <Di, Oj, Rk>..

Access Lists for Objects

Every access matrix column may be used as a single object's access list. It is possible
to delete the blank entries. For each object, the resulting list contains ordered pairs <domain,
rights-set> that define all domains for that object and a nonempty set of access rights.

Capability Lists for Domains

A domain's capability list is a collection of objects and the actions that can be done on
them. A capacity is a name or address that is used to define an object. If you want to perform
operation M on object Oj, the process runs operation M, specifying the capability for
object Oj. The simple possession of the capability implies that access is allowed.

Lock-Key Mechanism

It is a compromise between the access lists and the capability lists. Each object has a
list of locks, which are special bit patterns. On the other hand, each domain has a set of keys
that are special bit patterns. A domain-based process could only access an object if a domain
has a key that satisfies one of the locks on the object. The process is not allowed to modify its
keys.

In this example, there are 4 domains and objects in the above matrix, and also consider 3 files
(including F1, F2, and F3) and one printer. Files F1 and F3 can be read by a process running
in D1. A process running in domain D4 has the same rights as D1, but it may also write on
files.
Only one process running in domain D2 has access to the printer.

According to the matrix, a process running in domain D2 can transition to

domains D3 and D4. A process in domain D4 may change to domain D1, and a process in
domain D1 may change to domain D2.

Access control

Access control is an essential element of security that determines who is allowed to

access certain data, apps, and resources.Access control policies rely heavily on techniques like
authentication and authorization, which allow organizations verify both that users are who they
say they are and that these users are granted the appropriate level of access based on context
such as device, location, role, and much more.

Access control keeps confidential information

There are four main types of access control – each of which administrates access to
sensitive information in a unique way.
• Discretionary Access Control (DAC)

In DAC models, every object in a protected system has an owner, and

owners grant access to users at their discretion. DAC provides case-by-case
control over resources
• Mandatory Access Control (MAC)
 In MAC models, users are granted access in the form of a clearance. A
central authority regulates access rights and organizes them into tiers, which
uniformly expand in scope. This model is very common in government and
military contexts
• Role Based Access Control (RBAC)

In RBAC models, access rights are granted based on defined business

functions, rather than individuals’ identity or seniority. The goal is to provide
users only with the data they need to perform their jobs—and no more
• Attribute Based Access Control (ABAC)

In ABAC models, access is granted flexibly based on a combination of

attributes and environmental conditions, such as time and location. ABAC is
the most granular access control model and helps reduce the number of role
assignments

Access Control involves identifying a user based on their credentials and then
authorizing the appropriate level of access once they are authenticated.
Passwords, pins, security tokens—and even biometric scans—are all credentials
commonly used to identify and authenticate a user. Multifactor authentication (MFA) adds
another layer of security by requiring that users be verified by more than just one
verification method.

Implementation of Access Control

• Connect on goals
Align with decision makers on why it’s important to implement an access control
solution. There are many reasons to do this—not the least of which is reducing risk
to your organization. Other reasons to implement an access control solution might
include:
• Productivity: Grant authorized access to the apps and data employees need to
accomplish their goals—right when they need them.
• Security: Protect sensitive data and resources and reduce user access friction with
responsive policies that escalate in real-time when threats arise.
• Self-service: Delegate identity management, password resets, security
monitoring, and access requests to save time and energy.

Access control
4 Discuss the types of Access and Access controls in Operating System[7M][SET
-2][Dec 2022]

Access control

Access control is an essential element of security that determines who is allowed to

access certain data, apps, and resources.Access control policies rely heavily on techniques like
authentication and authorization, which allow organizations verify both that users are who they
say they are and that these users are granted the appropriate level of access based on context
such as device, location, role, and much more.

Access control keeps confidential information

There are four main types of access control – each of which administrates access to
sensitive information in a unique way.
• Discretionary Access Control (DAC)

In DAC models, every object in a protected system has an owner, and

owners grant access to users at their discretion. DAC provides case-by-case
control over resources
• Mandatory Access Control (MAC)

In MAC models, users are granted access in the form of a clearance. A

central authority regulates access rights and organizes them into tiers, which
uniformly expand in scope. This model is very common in government and
military contexts
• Role Based Access Control (RBAC)

In RBAC models, access rights are granted based on defined business

functions, rather than individuals’ identity or seniority. The goal is to provide
users only with the data they need to perform their jobs—and no more
• Attribute Based Access Control (ABAC)

In ABAC models, access is granted flexibly based on a combination of

attributes and environmental conditions, such as time and location. ABAC is
the most granular access control model and helps reduce the number of role
assignments

Access Control involves identifying a user based on their credentials and then
authorizing the appropriate level of access once they are authenticated.
Passwords, pins, security tokens—and even biometric scans—are all credentials
commonly used to identify and authenticate a user. Multifactor authentication (MFA) adds
another layer of security by requiring that users be verified by more than just one
verification method.

Implementation of Access Control

• Connect on goals
Align with decision makers on why it’s important to implement an access control
solution. There are many reasons to do this—not the least of which is reducing risk
to your organization. Other reasons to implement an access control solution might
include:
 • Productivity: Grant authorized access to the apps and data employees need to
accomplish their goals—right when they need them.
• Security: Protect sensitive data and resources and reduce user access friction with
responsive policies that escalate in real-time when threats arise.
• Self-service: Delegate identity management, password resets, security
monitoring, and access requests to save time and energy.

Revocation of access rights

5Write a brief note on Revocation of Access Rights[7M] [SET -4][Dec 2023]

Revocation of Access Rights

Reacquisition - Capabilities are periodically revoked from each domain, which must then re-
acquire them.

Back-pointers - A list of pointers is maintained from each object to each capability which is
held for that object.

Indirection - Capabilities point to an entry in a global table rather than to the object. Access
rights can be revoked by changing or invalidating the table entry, which may affect multiple
processes, which must then re-acquire access rights to continue.

Keys - A unique bit pattern is associated with each capability when created, which can be
neither inspected nor modified by the process.

▪ A master key is associated with each object.

▪ When a capability is created, its key is set to the object's master key.
▪ As long as the capability's key matches the object's key, then the
capabilities remain valid.
▪ The object master key can be changed with the set-key command,
thereby invalidating all current capabilities.
▪ More flexibility can be added to this scheme by implementing a list of
keys for each object, possibly in a global table.

System Security: Introduction

6 Discuss various System threats endangering the security of a system[7M] [SET -
2][Dec 2022]

System security

System security may be threatened through two violations, and these are as follows:

1. Threat
A program that has the potential to harm the system seriously.

2. Attack
A breach of security that allows unauthorized access to a resource.
 There are two types of security breaches that can harm the system: malicious and
accidental. Malicious threats are a type of destructive computer code or web script that is
designed to cause system vulnerabilities that lead to back doors and security breaches. On the
other hand, Accidental Threats are comparatively easier to protect against.

Security may be compromised through the breaches. Some of the breaches are as
follows:

1. Breach of integrity
This violation has unauthorized data modification.

2. Theft of service
It involves the unauthorized use of resources.

3. Breach of confidentiality
It involves the unauthorized reading of data.

4. Breach of availability
It involves the unauthorized destruction of data.

5. Denial of service
It includes preventing legitimate use of the system. Some attacks may be
accidental.

Goals of Security System

There are several goals of system security. Some of them are as follows:

1. Integrity
Unauthorized users must not be allowed to access the system's objects,
and users with insufficient rights should not modify the system's critical files
and resources.

2. Secrecy
The system's objects must only be available to a small number of
authorized users. The system files should not be accessible to everyone.

3. Availability
All system resources must be accessible to all authorized users, i.e., no
single user/process should be able to consume all system resources. If such a
situation arises, service denial may occur. In this case, malware may restrict
system resources and preventing legitimate processes from accessing them.

Program threats
7 Explain in detail about Program Threats[7M] [SET -2][Dec 2023]
Program threats

The operating system's processes and kernel carry out the specified task as directed.
Program Threats occur when a user program causes these processes to do malicious operations.
1.Virus
A virus may replicate itself on the system. Viruses are extremely dangerous and
can modify/delete user files as well as crash computers. A virus is a little piece of code
that is implemented on the system program. As the user interacts with the program, the
virus becomes embedded in other files and programs, potentially rendering the system
inoperable.

2. Trojan Horse
This type of application captures user login credentials. It stores them to transfer
them to a malicious user who can then log in to the computer and access system
resources.

3. Logic Bomb
A logic bomb is a situation in which software only misbehaves when particular
criteria are met; otherwise, it functions normally.

4. Trap Door
A trap door is when a program that is supposed to work as expected has a
security weakness in its code that allows it to do illegal actions without the user's
knowledge.

System Threats

System threats are described as the misuse of system services and network connections
to cause user problems. These threats may be used to trigger the program threats over an entire
network, known as program attacks.Some of them are as follows:
1.Port Scanning
It is a method by which the cracker determines the system's vulnerabilities for
an attack. It is a fully automated process that includes connecting to a specific port via
TCP/IP. To protect the attacker's identity, port scanning attacks are launched through
Zombie Systems, which previously independent systems now serve their owners while
being utilized for such terrible purposes.

2. Worm
The worm is a process that can choke a system's performance by exhausting all system
resources. A Worm process makes several clones, each consuming system resources
and preventing all other processes from getting essential resources. Worm processes
can even bring a network to a halt.

3. Denial of Service
Denial of service attacks usually prevents users from legitimately using the
system. For example, if a denial-of-service attack is executed against the browser's
content settings, a user may be unable to access the internet.
System and network threats

8Define threat. Explain in detail about System and Network Threats[7M] [SET -1][Dec 2023]

System Threats

System threats are described as the misuse of system services and network connections
to cause user problems. These threats may be used to trigger the program threats over an entire
network, known as program attacks.Some of them are as follows:
1.Port Scanning
It is a method by which the cracker determines the system's vulnerabilities for
an attack. It is a fully automated process that includes connecting to a specific port via
TCP/IP. To protect the attacker's identity, port scanning attacks are launched through
Zombie Systems, which previously independent systems now serve their owners while
being utilized for such terrible purposes.

2. Worm
The worm is a process that can choke a system's performance by exhausting all system
resources. A Worm process makes several clones, each consuming system resources
and preventing all other processes from getting essential resources. Worm processes
can even bring a network to a halt.

3. Denial of Service
Denial of service attacks usually prevents users from legitimately using the
system. For example, if a denial-of-service attack is executed against the browser's
content settings, a user may be unable to access the internet.

Network Threats

1. Unauthorized access

Unauthorized access refers to attackers accessing a network without receiving

permission. Among the causes of unauthorized access attacks are weak passwords,
lacking protection against social engineering, previously compromised accounts, and
insider threats.
2. Distributed Denial of Service (DDoS) attacks
Attackers build botnets, large fleets of compromised devices, and use them to direct
false traffic at your network or servers. DDoS can occur at the network level,
3. Man in the middle attacks
A man in the middle attack involves attackers intercepting traffic, either between your
network and external sites or within your network
4. Code and SQL injection attacks
Many websites accept user inputs and fail to validate and sanitize those inputs.
Attackers can then fill out a form or make an API call, passing malicious code instead
of the expected data values. The code is executed on the server and allows attackers to
compromise it.
5. Privilege escalation
Once attackers penetrate your network, they can use privilege escalation to expand their
reach..
 6. Insider threats
A network is especially vulnerable to malicious insiders, who already have privileged
access to organizational systems. Insider threats can be difficult to detect and protect
against, because insiders do not need to penetrate the network in order to do harm.

Cryptography for security

9 How is Cryptography used for System Security and Authentication[7M][SET -

3][Dec 2022]

Cryptography for Security

Cryptography is the study of securing communications from outside
observers. Encryption algorithms take the original message, or plaintext, and convert it into
cipher text, which is not understandable. The key allows the user to decrypt the message, thus
ensuring on they can read the message. The strength of the randomness of an encryption is also
studied, which makes it harder for anyone to guess the key or input of the algorithm.

Cryptography focuses on four different objectives:

1. Confidentiality: Confidentiality ensures that only the intended recipient can

decrypt the message and read its contents.

2. Non-repudiation: Non-repudiation means the sender of the message cannot

backtrack in the future and deny their reasons for sending or creating the message.

3. Integrity: Integrity focuses on the ability to be certain that the information

contained within the message cannot be modified while in storage or transit.

4. Authenticity: Authenticity ensures the sender and recipient can verify each
other’s identities and the destination of the message.

Types of Cryptography
Cryptography can be broken down into three different types:

• Secret Key Cryptography

• Public Key Cryptography
• Hash Functions

Secret Key Cryptography, or symmetric cryptography, uses a single key to encrypt data.
Both encryption and decryption in symmetric cryptography use the same key, making this the
easiest form of cryptography. Secret Key Examples:

• AES
• DES
• Caesar Cipher
 Public Key Cryptography, or asymmetric cryptography, uses two keys to encrypt data.
One is used for encryption, while the other key can decrypts the message. Unlike symmetric
cryptography, if one key is used to encrypt, that same key cannot decrypt the message, rather
the other key shall be used.

One key is kept private, and is called the “private key”, while the other is shared
publicly and can be used by anyone, hence it is known as the “public key”.

Examples:
 • ECC
• Diffie-Hellman
• DSS

User authentication
10 How does User Authentication secure the system? Explain[7M] [SET -3][Dec 2023]

User Authentication

User authentication is a method that keeps unauthorized users from accessing sensitive
information. For example, User A only has access to relevant information and cannot see the
sensitive information of User B

Five Common Authentication Types

some common authentication methods used to secure modern systems.

1. Password-based authentication

Passwords are the most common methods of authentication. Passwords can be

in the form of a string of letters, numbers, or special characters. To protect yourself you
need to create strong passwords that include a combination of all possible options.

2. Multi-factor authentication

Multi-Factor Authentication (MFA) is an authentication method that requires

two or more independent ways to identify a user. Examples include codes generated
from the user’s smartphone, Captcha tests, fingerprints, voice biometrics or facial
recognition.

3. Certificate-based authentication
 Certificate-based authentication technologies identify users, machines or
devices by using digital certificates. A digital certificate is an electronic document
based on the idea of a driver’s license or a passport.

4. Biometric authentication

Biometrics authentication is a security process that relies on the unique biological

characteristics of an individual.

Biometric authentication technologies are used by consumers, governments and private

corporations including airports, military bases, and national borders.

Facial recognition—matches the different face characteristics of an individual trying

to gain access to an approved face stored in a database.

Fingerprint scanners—match the unique patterns on an individual’s fingerprints.

Speaker Recognition —also known as voice biometrics, examines a speaker’s speech

patterns for the formation of specific shapes and sound qualities.

Eye scanners—include technologies like iris recognition and retina scanners. Iris
scanners project a bright light towards the eye and search for unique patterns in the colored
ring around the pupil of the eye. The patterns are then compared to approved information stored
in a database. Eye-based authentication may suffer inaccuracies if a person wears glasses or
contact lenses.

5. Token-based authentication

Token-based authentication technologies enable users to enter their credentials

once and receive a unique encrypted string of random characters in exchange.

Implementing security defences

11 Explain in detail about Implementing Security Defenses[7M] [SET -4][Dec 2023]

System security

System security may be threatened through two violations, and these are as follows:

1. Threat
A program that has the potential to harm the system seriously.

2. Attack
A breach of security that allows unauthorized access to a resource.

There are two types of security breaches that can harm the system: malicious and
accidental. Malicious threats are a type of destructive computer code or web script that is
designed to cause system vulnerabilities that lead to back doors and security breaches. On the
other hand, Accidental Threats are comparatively easier to protect against.
 Security may be compromised through the breaches. Some of the breaches are as
follows:

1. Breach of integrity
This violation has unauthorized data modification.

2. Theft of service
It involves the unauthorized use of resources.

3. Breach of confidentiality
It involves the unauthorized reading of data.

4. Breach of availability
It involves the unauthorized destruction of data.

5. Denial of service
It includes preventing legitimate use of the system. Some attacks may be
accidental.

Firewalling to protect systems and networks

12 How does Firewall protect systems and networks? Give its classification[7M] [SET -
3][Dec 2023]

Firewalling to protect Systems & Networks

'firewall' that prevents unauthorized access and keeps our computers and data safe and
secure.

A firewall can be defined as a special type of network security device or a software

program that monitors and filters incoming and outgoing network traffic based on a defined set
of security rules. It acts as a barrier between internal private networks and external sources
(such as the public Internet).

The primary purpose of a firewall is to allow non-threatening traffic and prevent

malicious or unwanted data traffic for protecting the computer from viruses and attacks.
 This is one of the most problematic questions whether a firewall is a hardware or
software.

Firewalls are primarily used to prevent malware and network-based attacks.

Additionally, they can help in blocking application-layer attacks. These firewalls act as a
gatekeeper or a barrier.

Firewalls are designed in such a way that they can react quickly to detect and counter-
attacks throughout the network.

Some of the important risks of not having a firewall are:

1. Open Access

If a computer is running without a firewall, it is giving open access to other

networks. This means that it is accepting every kind of connection that comes
through someone.

Lost or Comprised Data

Without a firewall, we are leaving our devices accessible to everyone. This

means that anyone can access our device and have complete control over it,
including the network. In this case, cybercriminals can easily delete our data or use
our personal information for their benefit.

2. Network Crashes

In the absence of a firewall, anyone could access our network and shut it
down. It may lead us to invest our valuable time and money to get our network
working again.

Therefore, it is essential to use firewalls and keep our network, computer, and data safe
and secure from
 .

Firewalls have become so powerful, and include a variety of functions and capabilities
with built-in features:

o Network Threat Prevention

o Application and Identity-Based Control

o Hybrid Cloud Support

o Scalable Performance

o Network Traffic Management and Control

o Access Validation

o Record and Report on Events

Limitations of Firewall

When it comes to network security, firewalls are considered the first line of defense.
But the question is whether these firewalls are strong enough to make our devices safe from
cyber-attacks. The answer may be "no". The best practice is to use a firewall system when
using the Internet. However, it is important to use other defense systems to help protect the
network and data stored on the computer. Because cyber threats are continually evolving, a
firewall should not be the only consideration for protecting the home network.

The importance of using firewalls as a security system is obvious; however, firewalls

have some limitations:
 o Firewalls cannot stop users from accessing malicious websites, making it vulnerable to
internal threats or attacks.

o Firewalls cannot protect against the transfer of virus-infected files or software.

o Firewalls cannot prevent misuse of passwords.

o Firewalls cannot protect if security rules are misconfigured.

o Firewalls cannot protect against non-technical security risks, such as social engineering.

o Firewalls cannot stop or prevent attackers with modems from dialing in to or out of the
internal network.

o Firewalls cannot secure the system which is already infected.

Types of Firewall

Depending on their structure and functionality, there are different types of firewalls.
The following is a list of some common types of firewalls:

o Proxy Firewall

o Packet-filtering firewalls

o Stateful Multi-layer Inspection (SMLI) Firewall

o Unified threat management (UTM) firewall

o Next-generation firewall (NGFW)

o Network address translation (NAT) firewalls

Computer security classification

13 Summarize the Computer Security classification[7M][SET -4][Dec 2022]

Computer Security Classifications

As per the U.S. Department of Defense Trusted Computer System's Evaluation Criteria
there are four security classifications in computer systems: A, B, C, and D. This is widely used
specifications to determine and model the security of systems and of security solutions.
Following is the brief description of each classification.

S.NO Classification Type & Description

1
Type A
 Highest Level. Uses formal design specifications and verification techniques. Grants a high degre
of assurance of process security.

2 Type B
Provides mandatory protection system. Have all the properties of a class C2 system. Attaches
sensitivity label to each object. It is of three types.
• B1 − Maintains the security label of each object in the system. Label is used for makin
decisions to access control.
• B2 − Extends the sensitivity labels to each system resource, such as storage objects, support
covert channels and auditing of events.
• B3 − Allows creating lists or user groups for access-control to grant access or revoke acces
to a given named object.

3 Type C
Provides protection and user accountability using audit capabilities. It is of two types.
• C1 − Incorporates controls so that users can protect their private information and keep othe
users from accidentally reading / deleting their data. UNIX versions are mostly Cl class.
• C2 − Adds an individual-level access control to the capabilities of a Cl level system.

4 Type D
Lowest level. Minimum protection. MS-DOS, Window 3.1 fall in this category.

Case Studies: Linux, Microsoft Windows

14 Compare and contrast Linux with Microsoft Windows[7M] [SET -1][Dec 2023]

Difference between Linux and Windows OS

Topic Windows Linux

Command Windows allows users to use the Linux command-line offers more features
Line command line, To open the command for administration and daily tasks, it does not
line, click on the Run dialog box and type offer much to end-users.
CMD in the run search bar and press
Enter key.
Reliability Windows has improved its reliability but Linux is more reliable and secure then
still it is less reliable as compared to Windows OS. It mainly focuses on system
Linux. security, process management, and up-time.

Usability Windows is easier to use as it provides a Although Linux has the ability to perform
simple user interface. But its installation complex tasks easier, its installation process
process can take more time. is complicated.

Security Microsoft Windows can be part of Linux is a more secure operating system as
developing malware and viruses. compared to Microsoft Windows. Even
attackers found difficulty in breaking the
security with the help of Linux.

Support It provides users the online and integrated A wide number of books are available to
help systems, as well as a large number offer help about Linux, including online
of informative books, are available to support.
provide help for people at all skill levels.

Updates Regular Windows update makes users Linux provides users full control over
frustrated by alerting the Windows updates. They can update it accordingly, and
update for inconvenient times. it takes less time to get an update as well as
Additionally, it takes more time to get an without any reboot the system.
update.

Licensing Microsoft Windows with license does not Linux operating system with a license offers
allow to modify the software (don't have users the benefit to re-use the source code on
access to the source code). It can be any number of systems. It is also allowed the
installed only on the systems with a users to modify the software and sell its
Windows license key. modified version.

15 Elaborate on various features of Linux Operating System [7M][SET -4][Dec 2023]

Linux

Free & Open Source Operating System

Modifying this compiled code is a tough job.

It is secure
Favorable choice of Developers

Linux is a UNIX-like operating system, but it supports a range of hardware devices

from phones to supercomputers. Every Linux-based operating system has the Linux kernel and
set of software packages to manage hardware resources.

We can use Linux through an interactive user interface as well as from the terminal (Command
Line Interface). To run Linux from the terminal, press the "CTRL+ALT+T" keys. And, to explore its
functionality, press the application button given on the left down corner of your desktop