Module 5 security
Published in: Technology

  • The configuration of the DHCP network can be explained from the book; refer to the same topic
  • Transcript

    • 1. Operating System Reference Guide Module 5- Security
    • 2. Module 5 Security
          • Introduction
          • Data Security is the process of ensuring that data is safe and is free from corruption.
          • Ideally, three common methods are used to protect data: accounts, groups and permissions
            • Physical security of data
            • Providing permissions to groups
            • Permissions that define the data
    • 3. Lesson 1 - Understanding Networking in Windows
          • Topics covered are
            • Data security
            • Authentication technologies
            • PC security
            • Wireless security
            • Other security issues
    • 4. Topic 1 – Data Security
          • Accounts, Groups and permissions
            • Data security ensures that data is safe from corruption and access to that data is under control.
            • It is not enough to have a good firewall; data security should also ensure privacy, which helps in protecting personal data.
            • Having a firewall will protect the system from other systems accessing it
          • Accounts
            • We need valid accounts to access a Windows 2000/XP system. If the account is not valid, the user cannot use the system.
    • 5. Topic 1 – Data Security
          • Groups
            • A group defines a collection of accounts that share the same access possibilities
            • Creating a group makes the job easy
            • The user can assign a particular level of access for a file to a group
            • Otherwise the users need to give permission to individual users separately
    • 6. Topic 1 – Data Security
          • Permissions
            • A permission defines what a particular account can or cannot do to a file
            • For example: you can let a person edit a file but not delete it
            • You can let a person create a folder and not permit other people to make subfolders
    • 7. Topic 1 – Data Security
          • Local security policy
            • A local user or group is an account that can be granted permissions and rights from your computer
            • Local Users and Groups is an important security feature because you can limit the ability of users and groups to perform certain actions by assigning them rights and permissions.
            • A security policy is a combination of security settings that affect the security on a computer
            • By using a security policy you can control unauthorized access to the computer
            • You can also control the use of the resources shared on the computer and the recording of group and non-group actions displayed by the event log.
    • 8. Topic 1 – Data Security
          • Encryption
            • In cryptography, encryption is a process where we make a document unreadable without the proper knowledge or key to read it
            • It is at times referred to as scrambling
            • Microsoft calls the encryption utility in NTFS EFS, that is, Encrypting File System
    • 9. Topic 1 – Data Security
          • Data remnant removal
            • Removing all usable data from media, typically a hard drive or any other media, is called Data Remnant Removal.
            • Data can be on any magnetic or optical devices
            • As data or hardware ages, policies can be put in place to remove the data from the present storage and move it on to the new media
            • Another way is to physically write down information about the media and its contents
            • This process of removing the user data is known as Data Remnant Removal
    • 10. Topic 1 – Data Security
        • Audit and event logging
          • Audit is the process that tracks the activities of users by recording selected types of events in the security log of a server or a workstation
          • Before auditing is implemented the auditing policy must be selected
          • An auditing policy specifies categories of security-related events that you want to audit
    • 11. Topic 1 – Data Security
          • Password Management
            • A password is used to control access to a resource. The password should be kept secret from those not allowed access
            • Passwords are used in many fields.
            • They protect computer operating systems, mobile phones, cable TV decoders and automated teller machines (ATMs)
    • 12. Topic 1 – Data Security
          • Protecting the password
            • Create a password that is easy to remember but hard for others to guess.
            • The account lockout policy can be enabled to lock the computer when an incorrect password is typed 3 times
            • Include punctuation marks or symbols.
            • Do not use blank space.
            • Change password once every 6 months.
            • Use upper and lower case characters.
            • Do not write down the password.
    • 13. Topic 2 – Authentication Technologies
        • Smart Card
          • Unlike magnetic stripe cards, smart cards can carry all essential functions and information
          • A smart card resembles a credit card in shape and size
          • The small microprocessor embedded inside is used for security
          • When this smart card is interfaced with the computer using a card reader, the computer reads the information
    • 14. Topic 2 – Authentication Technologies
        • Smart Card Readers and Terminals
          • A smart card reader is a unit that interfaces with a PC.
          • A terminal is a self-contained processing device
          • A smart card reader can be connected through RS232 serial ports, USB ports, PCMCIA, etc.
    • 15. Topic 2 – Authentication Technologies
        • Types of smart cards
          • There are three types of smart cards available. They are
            • Integrated Circuit Microprocessor Card
            • Integrated Circuit Memory Cards
            • Optical Memory Cards
    • 16. Topic 2 – Authentication Technologies
        • Biometric Devices
          • Biometric devices can be used as input to a computer.
          • A biometric device like a fingerprint scanner can be used for an additional level of security
          • Biometric devices can also be programmed to verify a person’s identity based on the facial features, voice or even handwriting
          • Some of the biometric devices are
            • Finger prints
            • Face Recognition
            • Speaker Recognition
            • Iris Recognition
    • 17. Topic 2 – Authentication Technologies
      • Key Fobs
        • A key fob is a small hardware device with built-in authentication mechanisms
        • Electronic key fobs are used for remote keyless entry systems on motor vehicles
        • People started using key fobs in apartment buildings to access common areas, and they are used in automatic sliding doors
    • 18. Topic 3 - Overview of various command line tools for networking
        • NSlookup
          • The NSlookup utility can be used to identify the origin of a host name resolution error.
          • When the host name resolution is successful, NSlookup utility displays the hostname and the IP address of the DNS server that is configured on the local computer
    • 19. Topic 4 - Overview of Resource Sharing
        • When a large number of computers are connected in a network the resources are shared between the users.
        • Folder Sharing
          • To access a folder present on your computer from a remote location you need to share the folder.
          • The user must set permissions on the shared folders to control the level of access that other people have to the files and the folders
          • To share a folder, the user must right-click the folder and click Properties
    • 20. Topic 3 – PC Security
          • Computer Virus
          • Computer malware is the term given to all forms of computer software designed specifically to damage or disrupt a computer system
        • The different kinds of computer Malware are
          • Computer Virus
          • Trojan Horse
          • Worm
          • Virus Hoax
    • 21. Topic 3 – PC Security
          • Computer virus
        • A virus must
          • Be able to execute itself
          • Be able to replicate itself
        • The different kinds of virus are
            • File Infectors
            • Boot Sector Infectors
            • Master Boot Record Infectors
            • Multi-Partite viruses
            • Macro viruses
    • 22. Topic 3 – PC Security
          • Trojan Horse
          • Trojan Horses are impostors.
          • They are executable files that claim to be something desirable but, in fact, are malicious.
          • They do not replicate
        • Worm
          • A worm is a program that can replicate itself from system to system without the use of a host file.
          • They generally exist inside another host file
          • The entire file will travel from computer to computer, so the entire file should be considered the worm
    • 23. Topic 3 – PC Security
          • A virus hoax is a message, almost always sent by email, that amounts to little more than a chain letter.
          • Some of the common phrases used in these virus hoaxes are
            • If you receive an email titled [email virus hoax name here], do not open it!
            • Delete it immediately!
            • It contains the [hoax name] virus
            • It will delete everything on your hard drive and [extreme and improbable danger specified here]
            • This virus was announced today by [reputable organization name here]
            • Forward this warning to everyone you know!
    • 24. Topic 3 – PC Security
        • Steps to prevent viruses are
            • Do not open any files attached to an email from an unknown, suspicious or untrustworthy source
            • Delete chain emails and junk email
            • Exercise caution when downloading files from the Internet.
            • Update your anti-virus software regularly
    • 25. Topic 4 – Wireless Security
        • Wireless Security
          • A wireless access point is a device that connects multiple wireless devices to form a network
          • The other terminal of the access point is connected to a wired device
          • Hence the access point serves as a link between the wireless and wired devices
    • 26. Topic 4 – Wireless Security
        • Enabling a Static IP
          • A wireless device automatically assigns IP addresses to the devices that try to connect to the network
          • Using DHCP on a wireless network can attract a lot of hackers to access your network, because DHCP assigns IP addresses automatically to all users, including the hacker
          • Hence to provide extra protection, a static IP can be assigned to the devices
    • 27. Topic 4 – Wireless Security
        • Disabling a SSID broadcast
          • By default a wireless network device like a router will broadcast the signal to the rest of the world
          • Along with the message it also broadcasts the SSID (service set identifier)
          • The SSID is a sequence of case sensitive alphanumeric characters having a length of 32 letters
          • The service set identifier is the name of the network
          • Any unknown network device can get connected to this network using the SSID
    • 28. Topic 4 – Wireless Security
        • Change the default SSID
            • For a wireless device to connect to a wireless network, it needs to know the SSID of the network
            • Hence it is advisable to change the SSID of a network to a different and trickier one
        • MAC address filtering
            • A user who is identified as a “legitimate user” by the network will create a list of MAC addresses which are allowed to access his network
            • If an unknown address (an address not in the MAC address list) tries to access his network, the access will be denied
    • 29. Topic 5 – Other Security Issues
          • Other Security Issues
            • BIOS Security
            • Hardware Deconstruction and Cycling
            • Data Migration
    • 30. Topic 6 - Network Topologies, Network Devices and Network Operating System
          • Bridges
            • A bridge is a physical unit with two ports which connects the network segments together and filters the amount of traffic on each network
    • 31. Topic 6 - Network Topologies, Network Devices and Network Operating System
          • Switches
            • Switches allow different nodes (a network connection point) of a network to communicate directly with one another in a smooth and efficient manner.
            • On receiving data packets, switches transfer them only to the intended recipients, preventing the wastage of network bandwidth and optimizing efficiency
    • 32. Topic 6 - Network Topologies, Network Devices and Network Operating System
          • Router
            • A router is a device that connects two network interfaces together.
            • The two networks can be either two LANs or WANs or a LAN and its ISP's network.
            • A router routes packets to other networks until each packet ultimately reaches its destination
    • 33. Topic 6 - Network Topologies, Network Devices and Network Operating System
          • Network Operating Systems
          • A network operating system can be defined as an operating system that includes special functions for connecting computers and devices into a local area network (LAN).
          • Some of the important network operating systems are UNIX, Mac OS, Novell Network, Windows NT 4.0, Windows 2000 Server, Windows Server 2003
    • 34. Topic 7 - Configuring Network Interface Card
          • Network Interface Card (NIC)
          • It is a physical device that connects the computer system to the network wire
          • To connect to the network you need to install the NIC card on the computer
          • Every network card has a unique 48-bit serial number called a MAC address, which is written to ROM carried on the card. Every computer on a network must have a card with a unique MAC address
          • The manufacturer of the NIC provides the driver software which needs to be installed in order to use the NIC
    • 35. Topic 7 - Configuring Network Interface Card
          • To install the NIC from the Add Hardware Wizard
          • Click Start → Settings → Control Panel.
          • In the Control Panel window, double-click on the Add Hardware icon.
    • 36. Topic 7 - Configuring Network Interface Card
          • The Add hardware Wizard window is shown below and the NIC is shown below
    • 37. Topic 8 - Installing a Network Operating System (Windows Server 2003)
        • Microsoft introduced Windows Server 2003 in four product editions. They are
          • Windows Server 2003, Standard Edition
          • Windows Server 2003, Enterprise Edition (32-bit, 64-bit versions)
          • Windows Server 2003, Datacenter Edition (32-bit, 64-bit versions)
          • Windows Server 2003, Web Edition
        • Pre-installation steps before installing an operating system
          • Installing Windows Server 2003 Enterprise Edition
            • Text based
            • GUI based
    • 38. Topic 8 - Installing a Network Operating System (Windows Server 2003)
        • Post-Installation Steps
          • The welcome screen has the Manage Your Server window. This wizard can be closed if not required.
          • To manually configure the server, open the Manage Your Server applet through the Start menu as shown
    • 39. Lesson 2 - Internet Technology
          • Introduction
            • There are several internet technologies that are used on the internet.
            • To access the web pages you need to use a browser which can be configured with several settings.
            • Additionally, you should be able to protect your computers from intruders using Firewall.
          • Topics covered in this lesson
            • Internet Terminologies
            • Connectivity Technologies
            • Browser Configurations
            • Firewall Configuration in Windows XP
    • 40. Topic 1 - Internet Terminologies
          • Some of the common internet terminologies used in the modern world are
            • ISP
            • E-mail
            • HTML
            • HTTP
            • SSL
            • HTTPS
            • Telnet
            • FTP
            • Newsgroups
    • 41. Topic 1 - Internet Terminologies
        • ISP
          • ISP (Internet Service Provider) is an organization that provides access to the Internet for a monthly fee.
          • The ISP provides a username, password and an access phone number to get connected to the internet.
    • 42. Topic 1 - Internet Terminologies
        • E-mail
          • Electronic mail (e-mail) is a store and forward method of composing, sending, storing, and receiving messages over electronic communication systems
          • Some of the popular email programs (or email clients) are Microsoft’s Outlook Express and Netscape’s Messenger.
          • The different types of servers are
            • POP3 (Post Office Protocol version 3)
            • IMAP (Internet Mail Access Protocol)
            • SMTP (Simple Mail Transfer Protocol)
    • 43. Topic 1 - Internet Terminologies
        • HTML
          • Hypertext Markup Language (HTML) is a markup language for the creation of web pages
          • HTML documents consist of HTML elements defined using HTML tags
          • HTTP (Hypertext Transfer Protocol) is the protocol that is used on the World Wide Web
          • It defines how messages are formatted and transmitted
          • HTTP is called a stateless protocol because each command is executed independently
    • 44. Topic 1 - Internet Terminologies
        • SSL
          • Secure Sockets Layer (SSL) is a protocol developed by Netscape for transmitting private documents via the Internet
          • The encryption technology used by SSL provides data encryption, server authentication, message integrity, and client authentication for any TCP/IP connection
        • HTTPS
          • HTTPS (Secure Hyper Text Transfer Protocol) (S-HTTP) is another protocol that transmits data securely over the internet
          • It is designed to transmit individual messages securely, unlike SSL, which can transmit any amount of data securely between a client and a server
    • 45. Topic 1 - Internet Terminologies
        • Telnet
          • It is used to provide user oriented command line login sessions between hosts on the Internet
          • A telnet session can be started by logging in to the server by entering a valid username and password
          • The telnet port is usually port 23
    • 46. Topic 1 - Internet Terminologies
        • FTP
          • FTP (File Transfer Protocol) is used to download a file from a server using the Internet or to upload a file to a server
          • To access an FTP site, you must use an FTP client such as WS_FTP and type the URL of the FTP site
        • Newsgroups
          • To access a newsgroup, you must use a newsreader program
          • Microsoft’s Outlook Express is the most common of all newsreaders as it comes free with most versions of Windows
          • Otherwise, the ISP gives the name of the news server and also a username and password if necessary
    • 47. Topic 2 - Connectivity Technologies
          • The Internet can be accessed by a variety of methods including telephone, cable, satellite and wireless. Depending on usage, location and expenditure, a user will have to choose from the forms of internet access given below
            • Dial-up Networking
            • DSL networking
            • ISDN networking
            • Cable
            • Satellite
            • Wireless
            • LAN
    • 48. Topic 2 - Connectivity Technologies
        • Dial-up Networking
          • The Dial-up connection can be categorized into two types, analog and digital connection
          • An analog connection requires a telephone line and modem
    • 49. Topic 2 - Connectivity Technologies
        • DSL networking
          • Uses a standard telephone line but special equipment on each end to create an all-the-time internet connection
          • Common forms of DSL are Asynchronous (ADSL) and Synchronous (SDSL)
    • 50. Topic 2 - Connectivity Technologies
        • ISDN networking
          • Integrated Services Digital Network (ISDN) is a circuit-switched telephone network system, designed to allow digital transmission of voice and data over ordinary telephone copper wires
    • 51. Topic 2 - Connectivity Technologies
        • Cable
          • When a cable company offers Internet access over the cable, the downstream data is sent into a 6-MHz channel. Upstream data uses a channel of 2 MHz
          • Two types of equipment used in cable internet are cable modem on the customer end and a cable modem termination system (CMTS) at the cable provider's end.
    • 52. Topic 2 - Connectivity Technologies
        • Satellite
          • Satellite Internet services are used in locations where terrestrial Internet access is not available
          • The connection to high speed satellite Internet service is comprised of both indoor and outdoor equipment
          • Outside, there is an antenna and transmit-and-receive electronics, along with a connection to a small dish.
          • This equipment connects by coaxial cable to the Indoor Receive Unit (IRU) and Indoor Transmit Unit (ITU) which connect to your computer through a simple USB connector
    • 53. Topic 2 - Connectivity Technologies
          • The satellite internet mechanism and a reception antenna are shown in the figure below
      [Figures: Satellite Internet mechanism; Satellite Internet dish]
    • 54. Topic 2 - Connectivity Technologies
        • Wireless
          • Wireless Internet means that you must connect to a LAN that is wired to an ISP
    • 55. Topic 2 - Connectivity Technologies
        • LAN
          • A local area network (LAN) is a group of computers and associated devices that share a common communications line or wireless link.
          • Ethernet is by far the most commonly used LAN technology
    • 56. Topic 3 - Browser Configurations
        • There are several configurations that can be set on a web browser.
        • The most commonly used web browser is the Microsoft Internet Explorer.
        • The settings of this web browser are in the Internet Explorer Options, present in the Control Panel applet or reached by clicking the Tools menu. The settings in Internet Explorer are:
          • Proxy Server
          • Security and Scripts
    • 57. Topic 3 - Browser Configurations
        • Proxy Server
            • A proxy server is a computer that allows clients to make indirect network connections to other network services
            • Hence the client computers are configured with the IP address of the server which is directly connected to the network server providing the service
    • 58. Topic 4 - Firewall Configuration in Windows XP
        • A firewall is a type of security mechanism that acts as a barrier to check the data (often called traffic) coming to the computer from other computers
        • There are two kinds of firewalls
          • Hardware Firewall
          • Software Firewall
    • 59. Conclusion
        • Summary
          • A network is a set of computers or hardware devices connected together physically or logically
          • A network protocol is software that provides a set of rules for communicating between computers.
          • The computers in a Windows network communicate with each other using their IP addresses.
          • In Microsoft Windows network, a device can be configured with a static or a dynamic IP Address
          • IPX/SPX (NWLink) is the Microsoft implementation of IPX/SPX
          • AppleTalk is the proprietary Apple protocol which is small and relatively fast like IPX
    • 60. Conclusion
          • Summary
            • The Microsoft Windows operating system provides several command line tools that can be used for troubleshooting any TCP/IP related issues.
            • The various kinds of resources such as files, folders, entire drives, printers, faxes, Internet connections, etc., can be shared on a Windows operating system
            • There are several terminologies used in the internet. These include ISP, SSL, Email, HTTP, HTML, FTP, Telnet, etc.
            • ISP or Internet Service Provider is an organization that provides access to the Internet for a monthly fee.
    • 61. Conclusion
          • Summary
            • HTTP (Hypertext Transfer Protocol) is the protocol, which defines how messages are formatted and transmitted
            • SSL or Secure Sockets Layer provides secure transmission of data between web browsers and web servers.
            • HTTPS or Secure Hyper Text Transfer Protocol (S-HTTP) is another protocol that transmits data securely over the internet.
            • Telnet is a terminal emulation program for TCP/IP networks such as the Internet.
            • Windows XP Professional operating system has a built-in firewall called Internet Connection Firewall (ICF).