Ite pc v40_chapter9_edited_h Presentation Transcript

  • CHAPTER 9: Fundamental Security. IT Essentials: PC Hardware and Software v4.0. ITE PC v4.0 Chapter 1 © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public
  • Objectives
    ■ Why is security important?
    ■ What are security threats?
    ■ What are some security procedures?
    ■ What are the preventive maintenance techniques for security?
    ■ What can be done to troubleshoot security?
  • Objectives (continued)
    ■ Define viruses, worms, and Trojan horses.
    ■ Explain web security.
    ■ Define adware, spyware, and grayware.
    ■ Explain denial of service.
    ■ Describe spam and popups.
    ■ Explain social engineering.
    ■ Explain TCP/IP attacks.
    ■ Explain hardware deconstruction and recycling.
  • Security Threats
    To successfully protect computers and the network, a technician must understand both of the following types of threats to computer security:
    ■ Physical: Events or attacks that steal, damage, or destroy such equipment as servers, switches, and wiring.
    ■ Data: Events or attacks that remove, corrupt, deny access to, allow access to, or steal information.
  • ■ Internal: Employees who have access to data, equipment, and the network. Internal attacks can be characterized as follows:
      ■ Malicious threats are when an employee intends to cause damage.
      ■ Accidental threats are when the user damages data or equipment unintentionally.
  • ■ External: Users outside an organization who do not have authorized access to the network or resources. External attacks can be characterized as follows:
      ■ Unstructured attacks, which use available resources, such as passwords or scripts, to gain access to and run programs designed to vandalize.
      ■ Structured attacks, which use code to access operating systems and software.
  • Viruses, Worms, and Trojan Horses
    A virus is attached to small pieces of computer code, software, or documents. It executes when the software is run on a computer. A virus is transferred to another computer through e-mail, file transfers, and instant messaging. The virus hides by attaching itself to a file on the computer. When the file is accessed, the virus executes and infects the computer. A virus has the potential to corrupt or even delete files on your computer, use your e-mail to spread itself to other computers, or even erase your hard drive.
  • ■ A worm is a self-replicating program that is harmful to networks. A worm uses the network to duplicate its code to the hosts on a network, often without any user intervention.
    ■ A Trojan horse technically is a worm. It does not need to be attached to other software. Instead, a Trojan threat is hidden in software that appears to do one thing, and yet behind the scenes it does another. Trojans often are disguised as useful software. The Trojan program can reproduce like a virus and spread to other computers.
  • ■ Virus protection software, known as antivirus software, is software designed to detect, disable, and remove viruses, worms, and Trojans before they infect a computer.
  • Web Security
    ■ Web security is important because so many people visit the World Wide Web every day. Some of the features that make the web useful and entertaining can also make it harmful to a computer.
  • Adware, Spyware, and Grayware
    ■ Adware is a software program that displays advertising on your computer. Most often, adware is displayed in a popup window. Adware popup windows are sometimes difficult to control; they open new windows faster than users can close them.
    ■ Grayware or malware is a file or program other than a virus that is potentially harmful. Many grayware attacks are phishing attacks, which try to persuade the user to unknowingly give attackers access to personal information.
  • ■ Spyware, a type of grayware, is similar to adware. It is distributed without any user intervention or knowledge.
    ■ Phishing is a form of social engineering, in which the attacker pretends to represent a legitimate outside organization, such as a bank.
  • Denial of Service
    Denial of service (DoS) is a form of attack that prevents users from accessing normal services, such as e-mail or a web server. DoS attacks can affect servers and computers in the following ways:
    ■ Ping of death is a series of repeated, larger-than-normal pings that are intended to crash the receiving computer.
    ■ An e-mail bomb is a large quantity of bulk e-mail sent to individuals, lists, or domains, intending to prevent users from accessing e-mail.
  • ■ Distributed DoS (DDoS) is another form of attack that uses many infected computers, called zombies, to launch an attack.
  • Spam and Popup Windows
    ■ Spam, also known as junk mail, is unsolicited e-mail. In most cases, spam is used for advertising. However, spam can be used to send harmful links or deceptive content.
    ■ (popups) designed to capture your attention and lead you to advertising sites. Uncontrolled popup windows can quickly cover your screen and prevent you from getting any work done.
  • Social Engineering
    ■ A social engineer is a person who gains access to equipment or a network by tricking people into providing the necessary information.
    ■ Often, the social engineer gains the confidence of an employee and convinces that person to divulge username and password information.
  • The following are some basic precautions to help protect against social engineering:
    ■ Never give out your password.
    ■ Always ask for the ID of unknown persons.
    ■ Restrict the access of unexpected visitors.
    ■ Escort all visitors.
    ■ Never post your password in your work area.
    ■ Log off or lock your computer when you leave your desk.
    ■ Do not let anyone follow you through a door that requires an access card.
  • Security Procedures
    ■ You should use a security plan to determine what will be done in a critical situation.
    ■ Security plan policies should be constantly updated to reflect the latest threats to a network.
    ■ A security plan with clear security procedures is the basis for a technician to follow.
    ■ Security plans should be reviewed each year.
  • Security Pyramid (figure; levels shown: Wireless security, Data protection, Physical Equipment, Local security policy)
  • What Is Required in a Basic Local Security Policy?
    Although local security policies may vary between organizations, all organizations should ask the following questions:
    ■ What assets require protection?
    ■ What are the possible threats?
    ■ What should be done in the event of a security breach?
  • What Is Required in a Basic Local Security Policy?
    A security policy should describe how a company defines security issues:
    ■ A process for handling network security incidents
    ■ A process for auditing existing network security
    ■ A general security framework for implementing network security
    ■ Behaviors that are allowed
    ■ Behaviors that are prohibited
    ■ What to log and how to store the logs: Event Viewer, system log files, or security log files
    ■ Network access to resources through account permissions
    ■ Authentication technologies (such as usernames, passwords, biometrics, and smart cards) to access data
  • Tasks Required to Protect Physical Equipment
    Physical security is as important as data security. When a computer is stolen, the data is also stolen. There are several ways to physically protect computer equipment:
    ■ Control access to facilities.
    ■ Use cable locks with equipment.
    ■ Keep telecommunication rooms locked.
    ■ Fit equipment with security screws.
    ■ Use security cages around equipment.
    ■ Label and install sensors, such as Radio Frequency Identification (RFID) tags, on equipment.
  • Locking Devices
    For access to facilities, there are several means of protection:
    ■ Card keys that store user data, including level of access
    ■ Biometric sensors that identify the user’s physical characteristics, such as fingerprints or retinas
    ■ Posted security guard
    ■ Sensors, such as RFID tags, to monitor equipment
  • Ways to Protect Data
    Password protection can prevent unauthorized access to content. To keep attackers from gaining access to data, all computers should be password-protected. Two levels of password protection are recommended:
    ■ BIOS prevents BIOS settings from being changed without the appropriate password.
    ■ Login prevents unauthorized access to the network.
  • Data Backups
    ■ Frequency of backups: Backups can take a long time. Sometimes it is easier to make a full backup monthly or weekly and then do frequent partial backups of any data that has changed since the last full backup.
    ■ Storing backups: Backups should be transported to an approved offsite storage location for extra security.
    ■ Security of backups: Backups can be protected with passwords. These passwords have to be entered before the data on the backup media can be restored.
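
The full-plus-partial schedule from the Data Backups slide, as an added example that is not part of the original presentation: `backup` with no `since` archives everything, and with `since` set to the time of the last full backup it archives only the files modified after it. The function names, file names and timestamps are constructed for illustration.

```python
import os
import tarfile
import tempfile


def changed_since(root, since):
    """Relative paths of regular files under root modified after `since` (epoch seconds)."""
    changed = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.getmtime(path) > since:
                changed.append(os.path.relpath(path, root))
    return sorted(changed)


def backup(root, archive, since=0.0):
    """Write a gzip tar of files changed after `since`; since=0.0 gives a full backup."""
    members = changed_since(root, since)
    with tarfile.open(archive, "w:gz") as tar:
        for rel in members:
            tar.add(os.path.join(root, rel), arcname=rel)
    return members


def demo():
    """Constructed sample data: one full backup, then a partial one after a single edit."""
    with tempfile.TemporaryDirectory() as work:
        data = os.path.join(work, "data")
        os.makedirs(os.path.join(data, "docs"))
        for rel in ("docs/report.txt", "docs/notes.txt", "payroll.csv"):
            with open(os.path.join(data, rel), "w") as fh:
                fh.write("original\n")
            os.utime(os.path.join(data, rel), (1000, 1000))  # fixed, old mtime
        full_time = 2000.0  # constructed moment at which the full backup is taken
        full = backup(data, os.path.join(work, "full.tar.gz"))
        # One file is edited after the full backup.
        with open(os.path.join(data, "payroll.csv"), "a") as fh:
            fh.write("changed\n")
        os.utime(os.path.join(data, "payroll.csv"), (3000, 3000))
        partial = backup(data, os.path.join(work, "partial.tar.gz"), since=full_time)
        with tarfile.open(os.path.join(work, "partial.tar.gz")) as tar:
            archived = tar.getnames()
    return full, partial, archived


if __name__ == "__main__":
    print(demo())
```

Restoring requires the last full archive plus the most recent partial one, so both need the same offsite storage and protection.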