Your SlideShare is downloading. ×
0
A+ Guide to Software, 4e Chapter 10  Securing Your PC and LAN
Securing Your Desktop or Notebook Computer <ul><li>Reasons for providing additional security </li></ul><ul><ul><li>Protect...
Access Control <ul><li>Authentication: identifies an individual  </li></ul><ul><li>Authorization: assigns privileges/right...
A+ Guide to Software, 4e Figure 10-3  Set supervisor and user passwords in CMOS setup to lock down a computer /32
A+ Guide to Software, 4e Figure 10-9  Control who can access a folder and the rights given that user or user group /32
Limit Use of the Administrator Account <ul><li>Three common types of accounts in Windows </li></ul><ul><ul><li>Administrat...
Use a Personal Firewall <ul><li>Firewalls are implemented in software or hardware </li></ul><ul><li>Purpose of a firewall ...
Use AV Software <ul><li>Antivirus (AV) software protects system from viruses </li></ul><ul><li>Using AV software to greate...
Keep Windows Updates Current <ul><li>Causes for Windows susceptibility to attacks </li></ul><ul><ul><li>Popularity of syst...
Set Internet Explorer for Optimum Security <ul><li>Some security features in Internet Explorer </li></ul><ul><ul><li>Pop-u...
Use Alternate Client Software <ul><li>Microsoft products targeted by authors of malware </li></ul><ul><ul><li>Microsoft In...
Consider Using Microsoft Shared Computer Toolkit for Windows XP <ul><li>Microsoft Shared Computer Toolkit for Windows XP <...
Hide and Encrypt Files and Folders <ul><li>Windows 2000/XP Encrypted File System (EFS) </li></ul><ul><ul><li>Works on with...
Hide and Encrypt Files and Folders (continued) <ul><li>Overview for sharing an encrypted file </li></ul><ul><ul><li>First ...
Physically Protect Your Equipment <ul><li>Don’t move or jar your computer when it’s turned on </li></ul><ul><li>Don’t smok...
Beware of Social Engineering <ul><li>Social engineering  </li></ul><ul><ul><li>Tricking people into giving out private inf...
Beware of Social Engineering (continued) <ul><li>Two ways to debunk a hoax e-mail </li></ul><ul><ul><li>Note phrases/subje...
Backup System Files <ul><li>Use Ntbackup to back up System State and registry </li></ul><ul><ul><li>Refer to Chapter 3 for...
Make Use of Event Logging and Incident Reporting <ul><li>Some incidents you might be expected to report </li></ul><ul><ul>...
Make Use of Event Logging and Incident Reporting (continued) <ul><li>Monitor changes to files and folders </li></ul><ul><u...
Destroy the Trash <ul><li>Trash is a source of sensitive information </li></ul><ul><li>How to prevent the exposure of data...
Perform a Monthly Security Maintenance Routine <ul><li>Change the administrator password </li></ul><ul><li>Make sure syste...
Securing Your Wired or Wireless Network <ul><li>Topics to cover </li></ul><ul><ul><li>How to use a router to secure a smal...
Use a Router to Secure a SOHO Network <ul><li>SOHO: a small office or home office </li></ul><ul><li>Use a router to secure...
Authentication Technologies  <ul><li>Controlling network access  </li></ul><ul><ul><li>Encrypt user accounts/passwords at ...
A+ Guide to Software, 4e Figure 10-42  A smart card such as this SecurID key fob is used to authenticate a user gaining ac...
Dealing with Malicious Software <ul><li>Malicious software (malware or computer infestation)  </li></ul><ul><ul><li>Any un...
You’ve Got Malware <ul><li>Some signs of malicious messages </li></ul><ul><ul><li>Pop-up ads plague you when surfing the W...
Here's the Nasty List  <ul><li>Virus </li></ul><ul><ul><li>Program that replicates by attaching to other programs </li></u...
Here's the Nasty List (continued) <ul><li>Browser hijacker: alters home page/browser settings </li></ul><ul><li>Dialer: di...
Here's the Nasty List (continued) <ul><li>Types of viruses </li></ul><ul><ul><li>Boot sector: virus hides in the boot sect...
Step-by-Step Attack Plan <ul><li>Run reputable AV software </li></ul><ul><ul><li>Examples: Norton Anti-Virus and McAfee Vi...
Upcoming SlideShare
Loading in...5
×

Chapter 10 - Power Point

499

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
499
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Chapter 10 - Power Point"

  1. 1. A+ Guide to Software, 4e Chapter 10 Securing Your PC and LAN
  2. 2. Securing Your Desktop or Notebook Computer <ul><li>Reasons for providing additional security </li></ul><ul><ul><li>Protection from attacks within the network </li></ul></ul><ul><ul><li>Attacks through security loopholes </li></ul></ul><ul><ul><li>Exposure during travel </li></ul></ul><ul><li>A few methods for securing a computer </li></ul><ul><ul><li>Limit use of the administrator accounts </li></ul></ul><ul><ul><li>Keep Windows updates current </li></ul></ul><ul><ul><li>Physically protect your equipment </li></ul></ul><ul><ul><li>Keep good backups of user data </li></ul></ul><ul><ul><li>Destroy trash that might contain sensitive data </li></ul></ul>A+ Guide to Software, 4e /32
  3. 3. Access Control <ul><li>Authentication: identifies an individual </li></ul><ul><li>Authorization: assigns privileges/rights to individuals </li></ul><ul><li>Types of passwords </li></ul><ul><ul><li>Power-on passwords (configured in CMOS setup) </li></ul></ul><ul><ul><li>Windows passwords </li></ul></ul><ul><ul><li>Online account passwords </li></ul></ul><ul><ul><li>Application passwords </li></ul></ul><ul><li>Some rules for creating strong passwords </li></ul><ul><ul><li>Combine upper/lower case letters, numbers, symbols </li></ul></ul><ul><ul><li>Do not use words in any language </li></ul></ul>A+ Guide to Software, 4e /32
  4. 4. A+ Guide to Software, 4e Figure 10-3 Set supervisor and user passwords in CMOS setup to lock down a computer /32
  5. 5. A+ Guide to Software, 4e Figure 10-9 Control who can access a folder and the rights given that user or user group /32
  6. 6. Limit Use of the Administrator Account <ul><li>Three common types of accounts in Windows </li></ul><ul><ul><li>Administrator </li></ul></ul><ul><ul><li>Guest </li></ul></ul><ul><ul><li>Limited User </li></ul></ul><ul><li>Advice for protecting the Administrator Account </li></ul><ul><ul><li>Create a Limited User account for ordinary activities </li></ul></ul><ul><ul><li>Use Administrator account for reserved activities </li></ul></ul><ul><ul><li>Change appearance of desktop to flag the account </li></ul></ul><ul><ul><li>Change strong password on a regular basis </li></ul></ul>A+ Guide to Software, 4e /32
  7. 7. Use a Personal Firewall <ul><li>Firewalls are implemented in software or hardware </li></ul><ul><li>Purpose of a firewall </li></ul><ul><ul><li>Prevent worms or hackers from invading your system </li></ul></ul><ul><li>Turn on Windows Firewall to protect your system </li></ul><ul><ul><li>It may be configured to allow for exceptions </li></ul></ul><ul><li>Windows Firewall is included with Service Pack 2 </li></ul>A+ Guide to Software, 4e /32
  8. 8. Use AV Software <ul><li>Antivirus (AV) software protects system from viruses </li></ul><ul><li>Using AV software to greatest effect </li></ul><ul><ul><li>Configure software to automatically download updates </li></ul></ul><ul><ul><li>Run AV software as a background process </li></ul></ul><ul><ul><li>Set software to automatically scan e-mail attachments </li></ul></ul><ul><li>Virus signature: distinguishing characteristics of virus </li></ul><ul><li>AV software does not always stop adware or spyware </li></ul><ul><li>Use removal program for adware or spyware </li></ul><ul><ul><li>Example: Ad-Aware by Lavasoft ( www.lavasoft.com ) </li></ul></ul>A+ Guide to Software, 4e /32
  9. 9. Keep Windows Updates Current <ul><li>Causes for Windows susceptibility to attacks </li></ul><ul><ul><li>Popularity of system makes it an attractive target </li></ul></ul><ul><ul><li>Highly integrated components give many entry points </li></ul></ul><ul><li>Update Web site: windowsupdate.microsoft.com </li></ul><ul><li>Two ways to keep updates current </li></ul><ul><ul><li>Access Web site from Windows Update </li></ul></ul><ul><ul><li>Run automatic update utility as background process </li></ul></ul>A+ Guide to Software, 4e /32
  10. 10. Set Internet Explorer for Optimum Security <ul><li>Some security features in Internet Explorer </li></ul><ul><ul><li>Pop-up blocker </li></ul></ul><ul><ul><li>The ability to manage add-ons </li></ul></ul><ul><ul><li>The ability to block scripts </li></ul></ul><ul><ul><li>The ability to disable scripts embedded in Web pages </li></ul></ul><ul><ul><li>The ability to set the general security level </li></ul></ul><ul><ul><ul><li>Medium is recommended </li></ul></ul></ul>A+ Guide to Software, 4e /32
  11. 11. Use Alternate Client Software <ul><li>Microsoft products targeted by authors of malware </li></ul><ul><ul><li>Microsoft Internet Explorer </li></ul></ul><ul><ul><li>Microsoft Outlook Express and Microsoft Outlook </li></ul></ul><ul><li>Some reasons for susceptibility </li></ul><ul><ul><li>Popularity </li></ul></ul><ul><ul><li>Close integration with other Windows components </li></ul></ul><ul><ul><li>Use of ActiveX controls </li></ul></ul><ul><li>Alternate browser: Firefox by Mozilla </li></ul><ul><li>Alternate e-mail client: Eudora by Qualcomm </li></ul>A+ Guide to Software, 4e /32
  12. 12. Consider Using Microsoft Shared Computer Toolkit for Windows XP <ul><li>Microsoft Shared Computer Toolkit for Windows XP </li></ul><ul><ul><li>Locks down the drive on which Windows is installed </li></ul></ul><ul><li>Features of Windows XP that can be locked down </li></ul><ul><ul><li>Windows configuration </li></ul></ul><ul><ul><li>Installed software or hardware </li></ul></ul><ul><ul><li>User settings or user data </li></ul></ul><ul><li>Some temporary changes are allowed </li></ul><ul><ul><li>When system reboots, it returns to prior state </li></ul></ul><ul><li>Toolkit can be downloaded for free </li></ul>A+ Guide to Software, 4e /32
  13. 13. Hide and Encrypt Files and Folders <ul><li>Windows 2000/XP Encrypted File System (EFS) </li></ul><ul><ul><li>Works on with Windows 2000/XP NTFS EFS </li></ul></ul><ul><ul><li>Is not supported in Windows XP Home Edition </li></ul></ul><ul><li>Encryption: technology for encrypting folders/files </li></ul><ul><li>Best practice: encrypt at the folder level </li></ul><ul><li>How to encrypt a file or folder </li></ul><ul><ul><li>Open Properties window of file or folder </li></ul></ul><ul><ul><li>Click Advanced and select appropriate options </li></ul></ul><ul><li>Encrypted folders and files in are displayed in green </li></ul>A+ Guide to Software, 4e /32
  14. 14. Hide and Encrypt Files and Folders (continued) <ul><li>Overview for sharing an encrypted file </li></ul><ul><ul><li>First export your certificate </li></ul></ul><ul><ul><li>The other user imports certificate for access to file </li></ul></ul><ul><li>Sharing tool: Certificate Export Wizard </li></ul><ul><li>Data recovery agent (DRA): can decrypt file/folder </li></ul><ul><li>Three ways decrypt a file or folder </li></ul><ul><ul><li>Change encryption attribute from Properties window </li></ul></ul><ul><ul><li>Move file or folder to a FAT logical drive </li></ul></ul><ul><ul><li>Use the Cipher command </li></ul></ul>A+ Guide to Software, 4e /32
  15. 15. Physically Protect Your Equipment <ul><li>Don’t move or jar your computer when it’s turned on </li></ul><ul><li>Don’t smoke around your computer </li></ul><ul><li>If your data is private, keep it under lock and key </li></ul><ul><li>Keep magnets away from your computer </li></ul><ul><li>Lock down the computer case </li></ul>A+ Guide to Software, 4e /32
  16. 16. Beware of Social Engineering <ul><li>Social engineering </li></ul><ul><ul><li>Tricking people into giving out private information </li></ul></ul><ul><ul><li>Passing unsafe programs into the network or PC </li></ul></ul><ul><li>Some techniques of social engineers </li></ul><ul><ul><li>Phishing: extracting personal data via e-mail </li></ul></ul><ul><ul><li>Scam e-mail: offers to join phony ventures </li></ul></ul><ul><ul><li>Virus (e-mail) hoax: clogs up e-mail systems </li></ul></ul><ul><li>A few rules for using the Internet </li></ul><ul><ul><li>Do not click links inside e-mail messages </li></ul></ul><ul><ul><li>Investigate a Web site before downloading software </li></ul></ul>A+ Guide to Software, 4e /32
  17. 17. Beware of Social Engineering (continued) <ul><li>Two ways to debunk a hoax e-mail </li></ul><ul><ul><li>Note phrases/subjects that request mass forwarding </li></ul></ul><ul><ul><li>Use services of security site; e.g., www.hoaxkill.com </li></ul></ul><ul><li>Scripts: code segments automating set of tasks </li></ul><ul><ul><li>Example: files with extensions .wsf and .vbs </li></ul></ul><ul><li>Malicious scripts are often hidden in e-mails </li></ul><ul><ul><li>Example: the link www.symantec.com.vbs </li></ul></ul><ul><li>Protecting against malicious scripts </li></ul><ul><ul><li>Set Windows to display file extensions </li></ul></ul><ul><ul><li>Set Windows to first load script to Notepad </li></ul></ul>A+ Guide to Software, 4e /32
  18. 18. Backup System Files <ul><li>Use Ntbackup to back up System State and registry </li></ul><ul><ul><li>Refer to Chapter 3 for procedures </li></ul></ul><ul><li>When to back up the System State </li></ul><ul><ul><li>After you have made major changes to the system </li></ul></ul><ul><ul><li>Example: after installing a new hard drive </li></ul></ul><ul><li>Make backups a routine part of monthly maintenance </li></ul>A+ Guide to Software, 4e /32
  19. 19. Make Use of Event Logging and Incident Reporting <ul><li>Some incidents you might be expected to report </li></ul><ul><ul><li>An attempt at breaking in to a secured PC or network </li></ul></ul><ul><ul><li>The security has been broken </li></ul></ul><ul><ul><li>An alarm has been activated </li></ul></ul><ul><li>Some reasons for incident reporting </li></ul><ul><ul><li>The need for others to respond to an incident </li></ul></ul><ul><ul><li>The need to know about a weak security loophole </li></ul></ul><ul><ul><li>Legal concerns </li></ul></ul><ul><li>Monitoring Windows 2000/XP logon events </li></ul><ul><ul><li>Configure Event Viewer to track failed logon attempts </li></ul></ul>A+ Guide to Software, 4e /32
  20. 20. Make Use of Event Logging and Incident Reporting (continued) <ul><li>Monitor changes to files and folders </li></ul><ul><ul><li>Set the Group Policy to audit an object </li></ul></ul><ul><ul><li>Add the users that you want to monitor </li></ul></ul><ul><ul><li>Decide which activity to monitor </li></ul></ul><ul><ul><li>View logged activity in the Event Viewer </li></ul></ul><ul><li>Some third-party monitoring tools </li></ul><ul><ul><li>Autoruns by Sysinternals </li></ul></ul><ul><ul><li>WinPatrol by BillP Studios </li></ul></ul><ul><li>Monitoring network activity with Windows Firewall </li></ul><ul><ul><li>Configure Log Settings accessed from Advanced tab </li></ul></ul>A+ Guide to Software, 4e /32
  21. 21. Destroy the Trash <ul><li>Trash is a source of sensitive information </li></ul><ul><li>How to prevent the exposure of data </li></ul><ul><ul><li>Destroy all storage media before you throw it out. </li></ul></ul><ul><ul><li>Destroy hard copies that contain sensitive data </li></ul></ul><ul><ul><li>Steps to take when migrating from older medium </li></ul></ul><ul><ul><ul><li>Encrypt data being migrated between systems </li></ul></ul></ul><ul><ul><ul><li>Control user access to migrated data </li></ul></ul></ul><ul><ul><ul><li>Destroy old data storage medium no longer being used </li></ul></ul></ul><ul><ul><li>Erase hard-drive of old PC with a zero-fill utility </li></ul></ul>A+ Guide to Software, 4e /32
  22. 22. Perform a Monthly Security Maintenance Routine <ul><li>Change the administrator password </li></ul><ul><li>Make sure system is being automatically updated </li></ul><ul><li>Check that AV software is installed and current </li></ul><ul><li>Visually check the equipment for tampering </li></ul><ul><li>Check the Event Viewer </li></ul>A+ Guide to Software, 4e /32
  23. 23. Securing Your Wired or Wireless Network <ul><li>Topics to cover </li></ul><ul><ul><li>How to use a router to secure a small network </li></ul></ul><ul><ul><li>How to secure a wireless network </li></ul></ul><ul><ul><li>Authentication techniques used for larger networks </li></ul></ul>A+ Guide to Software, 4e /32
  24. 24. Use a Router to Secure a SOHO Network <ul><li>SOHO: a small office or home office </li></ul><ul><li>Use a router to secure a SOHO network </li></ul><ul><li>Tasks that routers perform: </li></ul><ul><ul><li>Limit communication from outside the network </li></ul></ul><ul><ul><li>Limit communication from within the network </li></ul></ul><ul><ul><li>Secure a wireless access point </li></ul></ul><ul><ul><li>Implement a virtual private network (VPN ) </li></ul></ul><ul><li>Keep router firmware current </li></ul>A+ Guide to Software, 4e /32
  25. 25. Authentication Technologies <ul><li>Controlling network access </li></ul><ul><ul><li>Encrypt user accounts/passwords at point of entry </li></ul></ul><ul><ul><li>Decrypt user accounts/passwords before validation </li></ul></ul><ul><li>Popular authentication protocols: CHAP, Kerberos </li></ul><ul><li>Two-factor authentication: present two types of id </li></ul><ul><li>Smart cards </li></ul><ul><ul><li>Device with id information keyed or read into system </li></ul></ul><ul><ul><li>Variations: key fob, magnetic strip, and USB smart cards </li></ul></ul><ul><li>Biometric data: id based on physical characteristics </li></ul><ul><ul><li>Some biometric devices: iris scanner, fingerprint reader </li></ul></ul>A+ Guide to Software, 4e /32
  26. 26. A+ Guide to Software, 4e Figure 10-42 A smart card such as this SecurID key fob is used to authenticate a user gaining access to a secured network /32
  27. 27. Dealing with Malicious Software <ul><li>Malicious software (malware or computer infestation) </li></ul><ul><ul><li>Any unwanted program intending harm to system </li></ul></ul><ul><ul><li>Transmitted to your computer without your knowledge </li></ul></ul><ul><li>Examples of malware: viruses and worms </li></ul><ul><li>Topics to cover </li></ul><ul><ul><li>How to recognize that a system is infected </li></ul></ul><ul><ul><li>How to understand how malicious software works </li></ul></ul><ul><ul><li>How to clean up the mess </li></ul></ul>A+ Guide to Software, 4e /32
  28. 28. You’ve Got Malware <ul><li>Some signs of malicious messages </li></ul><ul><ul><li>Pop-up ads plague you when surfing the Web </li></ul></ul><ul><ul><li>Strange or bizarre error messages appear </li></ul></ul><ul><ul><li>Less memory than usual is available </li></ul></ul><ul><ul><li>Strange graphics appear on your computer monitor </li></ul></ul><ul><ul><li>The system cannot recognize the CD-ROM drive </li></ul></ul><ul><ul><li>Files constantly become corrupted </li></ul></ul><ul><ul><li>The OS boots, but cannot launch the Windows desktop </li></ul></ul><ul><ul><li>Your antivirus software displays one or more messages </li></ul></ul>A+ Guide to Software, 4e /32
  29. 29. Here's the Nasty List <ul><li>Virus </li></ul><ul><ul><li>Program that replicates by attaching to other programs </li></ul></ul><ul><ul><li>Infected program must execute for virus to run </li></ul></ul><ul><ul><li>Example: boot sector program </li></ul></ul><ul><ul><li>Protection: run AV software in the background </li></ul></ul><ul><li>Adware: produces all those unwanted pop-up ads </li></ul><ul><li>Spam is junk e-mail that you do not want </li></ul><ul><li>Spyware: program installing itself to spy on you </li></ul><ul><li>Worm: self-replicating program that overloads network </li></ul>A+ Guide to Software, 4e /32
  30. 30. Here's the Nasty List (continued) <ul><li>Browser hijacker: alters home page/browser settings </li></ul><ul><li>Dialer: dials phone number without your knowledge </li></ul><ul><li>Keylogger: tracks all your keystrokes </li></ul><ul><li>Logic bomb: dormant code triggered by an event </li></ul><ul><li>Trojan horse: disguises itself as a legitimate program </li></ul>A+ Guide to Software, 4e /32
  31. 31. Here's the Nasty List (continued) <ul><li>Types of viruses </li></ul><ul><ul><li>Boot sector: virus hides in the boot sector program </li></ul></ul><ul><ul><li>File virus: hides in executable (.exe, .com, or .sys) </li></ul></ul><ul><ul><li>Multipartite virus: combined boot sector and file virus </li></ul></ul><ul><ul><li>Macro virus: hides in documents of macro files </li></ul></ul><ul><ul><li>Script virus: a virus that hides in a script </li></ul></ul><ul><li>How malware replicates and hides </li></ul><ul><ul><li>Uses various techniques to load itself into memory </li></ul></ul><ul><ul><li>Attempts to hide from AV software </li></ul></ul><ul><ul><li>Example: stealth virus manipulates its storage file </li></ul></ul>A+ Guide to Software, 4e /32
  32. 32. Step-by-Step Attack Plan <ul><li>Run reputable AV software </li></ul><ul><ul><li>Examples: Norton Anti-Virus and McAfee VirusScan </li></ul></ul><ul><li>Run adware or spyware removal software </li></ul><ul><ul><li>Example: Windows Defender by Microsoft </li></ul></ul><ul><li>Search out and destroy what’s left </li></ul><ul><ul><li>Respond to any startup errors </li></ul></ul><ul><ul><li>Delete malicious files </li></ul></ul><ul><ul><li>Purge restore points </li></ul></ul><ul><ul><li>Clean the registry </li></ul></ul><ul><ul><li>Root out rootkits </li></ul></ul>A+ Guide to Software, 4e /32
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×