Unit Six: Windows File Protections and Monitoring
Erdo Deshiant Garnaby
1.
AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM
CYBERPATRIOT
www.uscyberpatriot.org
UNIT SIX
Windows File Protections and Monitoring
2.
SECTION ONE
Windows File Protections
3.
© Air Force Association
The CIA Triad (Review)
• 3 Goals of information security:
  ‐ Maintain information confidentiality
    • Making sure only approved users have access to data
  ‐ Maintain information integrity
    • Data Integrity: assurance that information has not been tampered with or corrupted between the source and the end user
    • Source Integrity: assurance that the sender of the information is who it is supposed to be
  ‐ Maintain information availability
    • Ensuring data is accessible by approved users when needed
Source: http://www.techrepublic.com/blog/it-security/the-cia-triad/
4.
File Permissions
• Important tool for ensuring data integrity and confidentiality
• More customizable than the blanket set of permissions given to users by adding them to either the Users or Administrators group
• Use to restrict access or editing rights to specific data on shared resources
• Can be customized by individual user or by user group
5.
Types of File Permissions
• Full Control
  ‐ Administrator level access
  ‐ Users can make every possible change to a selected file or the contents of a selected folder
• Modify
  ‐ Allows users to change a file’s content, but not its ownership
  ‐ Users cannot delete the file
• Read & Execute
  ‐ Allows users to open and run programs
• List Folder Contents
  ‐ Allows users to view the names of files stored in the selected folder
• Write
  ‐ Allows users to make changes to a file and overwrite existing content
• Read
  ‐ Allows users to view the attributes of a file or folder, but not edit it
6.
Parent and Child Objects
• Use inheritable permissions to apply the same security settings to all of the files (child objects) in a folder (parent object)
[Figure labels: Parent object, Child objects]
7.
Inheritable Permissions
• By default, objects within a folder, known as child objects, inherit permission settings from their containing folder, known as the parent object
• You can turn off inheritable permissions and customize who gets what kind of access to certain folders, subfolders, or documents
• Depending on how many users need access to a sensitive file or folder and how many of the files in a folder need to be restricted, there are several ways to apply permissions
  ‐ E.g. If you want certain users or groups to be denied access to all but a few files within a folder, it is quickest to apply a restrictive permission setting to the parent object (folder). Once you have denied those users’ access to all of the files in the folder, you can go to the individual files you do want them to have access to and override the permissions those files inherited from the parent folder.
8.
Customizing Permissions
• To apply the same permissions to all of the contents of a folder, Right-click the folder → Select Properties → Click the Security tab
• Edit the permissions of an entire group by highlighting it and checking the appropriate boxes
• Edit the permissions of a specific user (or subgroups you have created) by using the “Add…” button to add him/her to the Group or Usernames box and then checking the appropriate boxes
9.
Customizing Permissions
• To remove permissions inherited from a parent and create custom settings, Click the “Advanced” button from the Security tab → Click Change Permissions → Uncheck the “Include inheritable permissions…” box
• Customize permissions for individual users and/or groups using the “Add…” button.
• To extend your new settings to all of the child objects or to extend permissions to the child objects in a folder, check the “Replace all child objects….” button
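The restrict-the-parent-then-override approach from the Inheritable Permissions and Customizing Permissions slides, carried out from PowerShell. This is an added example, not part of the original slides; the folder, file and group names are hypothetical placeholders.

```powershell
# Added example. $Folder, $KeepFile and $Group are hypothetical; substitute a
# real folder, a real file inside it and a real local group.
# Run from an elevated PowerShell prompt.
$Folder   = 'C:\Shared\Reports'
$KeepFile = Join-Path $Folder 'handbook.txt'
$Group    = 'BUILTIN\Users'

# Save the starting ACLs so the change can be reviewed or rolled back later.
icacls $Folder /save "$env:TEMP\reports-acl-before.txt" /T | Out-Null

# 1. Same effect as unchecking "Include inheritable permissions...":
#    stop inheriting from above, but keep copies of the inherited entries.
$acl = Get-Acl -Path $Folder
$acl.SetAccessRuleProtection($true, $true)   # (isProtected, preserveInheritance)
Set-Acl -Path $Folder -AclObject $acl

# 2. Restrict the parent: remove every entry that names the group.
#    Re-read the ACL first, because the copied entries are explicit only
#    after the previous Set-Acl has been written.
$acl = Get-Acl -Path $Folder
$acl.PurgeAccessRules([System.Security.Principal.NTAccount]$Group)
Set-Acl -Path $Folder -AclObject $acl

# 3. Override on one child: add an explicit Read & Execute entry on the
#    single file the group should still be able to open.
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $Group, 'ReadAndExecute', 'Allow')
$fileAcl = Get-Acl -Path $KeepFile
$fileAcl.AddAccessRule($rule)
Set-Acl -Path $KeepFile -AclObject $fileAcl

# 4. Verify: confirm the folder no longer inherits, then list every entry
#    on each child and whether it is inherited or explicit.
"Inheritance blocked on parent: $((Get-Acl -Path $Folder).AreAccessRulesProtected)"
Get-ChildItem -Path $Folder -Force | ForEach-Object {
    $item = $_
    (Get-Acl -Path $item.FullName).Access |
        Select-Object @{ n = 'Item'; e = { $item.Name } },
                      IdentityReference, FileSystemRights,
                      AccessControlType, IsInherited
} | Format-Table -AutoSize
```

After step 2 the group can no longer list the folder, so its members reach the allowed file only by its full path.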
10.
MS Office File Encryption
• Another method of protecting information confidentiality and integrity
• Much quicker than setting file permissions and can be used to control access to documents shared with people outside your network
• Open a Microsoft Word document → Click the Window button → Prepare → Encrypt Document
11.
7-Zip Zipped File Encryption
• Encrypt multiple files and files of different types (.doc, .mp4, etc.) at once by zipping (compressing) them in 7-Zip or another zipping program
• To install 7-zip, go to: www.7-zip.org
• Zipping also condenses the size of files, making them easier to transfer across the Internet or fit on a USB drive
• Open your Documents → Select Files → Right-Click → 7-Zip → Add to Archive → Use the Encryption section to add a password to the .zip file
12.
Windows Backup Options
• Ensure data remain available to users during and after a natural disaster, power outage, hardware failure or hacking attack
• If your system is breached and files lose their integrity, backups can be restored to allow users to work with the latest untampered versions of files
• Windows allows you to create three types of backups:
  ‐ System Repair Disc:
    • Contains only the system files needed to install/restore Windows to a computer without a functioning OS
    • Can be followed with a system image to restore everything else
  ‐ System image:
    • Contains files and programs on your system and Windows system files and settings
    • When you boot a computer with a functioning OS from a system image, the entire system will be automatically restored
  ‐ “Full” Backup
    • Saves the program files, folders, and documents you have selected to back up, so they can be later restored to a machine with a functioning OS
    • Much smaller file size than system repair discs, so can be run more frequently
Sources: http://windows.microsoft.com/en-us/windows7/what-is-a-system-image, http://windows.microsoft.com/en-us/windows7/create-a-system-repair-disc, http://windows.microsoft.com/en-us/windows/back-up-files#1TC=windows-7
13.
Creating Backups
• Control Panel → System and Security → Backup your computer
• Use the buttons on the left to launch the setup wizards for system images and system repair disc
• Use the change settings button to set up regular, automatic “full backups”
Sources: http://windows.microsoft.com/en-us/windows7/what-is-a-system-image, http://windows.microsoft.com/en-us/windows7/create-a-system-repair-disc, http://windows.microsoft.com/en-us/windows/back-up-files#1TC=windows-7
14.
SECTION TWO
Windows Auditing
15.
Event Viewer
• Security tool that allows you to view records of changes and other events that have happened on a computer
• Used by cybersecurity professionals to monitor system changes and the inner workings and less visible processes run by a computer
• Control Panel → System and Security → Administrative Tools → Event Viewer
Source: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_seconceptsimpaudbp.mspx?mfr=true
16.
Windows Logs
• Security logs can be a useful last defense against attacks and a tool for forensics investigations into the source of a past attack or unauthorized entry
• Customize what security logs are kept by setting Audit Policies
Figure callouts:
  ‐ Events logged by programs
  ‐ Any successful or unsuccessful logon attempts
  ‐ Events that occurred during installation
  ‐ Events logged by system components
  ‐ Events forwarded from other computers
Source: http://technet.microsoft.com/en-us/library/hh824819.aspx
17.
Audit Policy Settings
• Control Panel → System and Security → Administrative Tools → Local Security Policy → Local Policies → Audit Policy
  ‐ Success: generates an event when the requested action succeeds
  ‐ Failure: generates an event when the requested action fails
  ‐ No Auditing: does not generate an event for the action
• Right click the Security Setting column → Properties → Success, Failure
18.
Audit Policy Settings
• Must be set and enabled for logs to be available in the Event Viewer
  ‐ Account logon events: Attempts to log into system accounts
  ‐ Account management: Account creation or deletion, password changes, user group changes
  ‐ Directory service access: Changes to shared resources on a network
  ‐ Logon events: Attempts to log into a specific shared computer
  ‐ Object access: Access to sensitive, restricted files
  ‐ Policy change: Attempts to change local security policies, user rights, and auditing policies
  ‐ Privilege use: Attempts to execute restricted system changes
  ‐ Process tracking: Attempts to modify program files, which have rewritten or disrupted program processes (*key to detecting virus outbreaks)
  ‐ System events: Computer shutdowns or restarts
*Recommended for Windows 7 users and Windows Server 2008 users
*Recommended only for Windows Server 2008 users
Sources: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_seconceptsimpaudbp.mspx?mfr=true , http://technet.microsoft.com/en-us/library/dd277311.aspx , http://technet.microsoft.com/en-us/library/dn487457.aspx
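The audit settings on the two slides above can also be inspected and set from an elevated PowerShell prompt, and the resulting Security log queried for review. This is an added example, not part of the original slides; the two categories enabled, the 24-hour window and the English category names are assumptions.

```powershell
# Added example. Run elevated: auditpol and the Security log both require
# administrator rights. Category names are the English ones auditpol uses.

# 1. Show the current Success/Failure setting for every audit category.
auditpol /get /category:*

# 2. Enable Success and Failure auditing for logon activity and for
#    account management (assumed choices for this example).
auditpol /set /category:"Logon/Logoff"       /success:enable /failure:enable
auditpol /set /category:"Account Management" /success:enable /failure:enable

# 3. Failed logons (event ID 4625) in the last 24 hours, counted per
#    targeted account. The account and source address are read from the
#    event's XML payload by field name.
$since  = (Get-Date).AddHours(-24)
$failed = Get-WinEvent -FilterHashtable @{
              LogName = 'Security'; Id = 4625; StartTime = $since
          } -ErrorAction SilentlyContinue

$failed | ForEach-Object {
    $data = ([xml]$_.ToXml()).Event.EventData.Data
    [pscustomobject]@{
        Time    = $_.TimeCreated
        Account = ($data | Where-Object Name -eq 'TargetUserName').'#text'
        Source  = ($data | Where-Object Name -eq 'IpAddress').'#text'
    }
} | Group-Object Account |
    Sort-Object Count -Descending |
    Select-Object Count, Name |
    Format-Table -AutoSize

# 4. Account management activity in the same window:
#    4720 = user account created, 4726 = user account deleted,
#    4732 = member added to a local security group.
Get-WinEvent -FilterHashtable @{
    LogName = 'Security'; Id = 4720, 4726, 4732; StartTime = $since
} -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id,
                  @{ n = 'Summary'; e = { ($_.Message -split "`r?`n")[0] } } |
    Format-Table -AutoSize
```

An empty result in step 3 or 4 right after enabling auditing is expected, since events are recorded only from the moment the policy is set.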
19.
SECTION THREE
Performance Monitoring
20.
Performance Monitoring
• Allows you to track the use and performance of hardware and software resources on a system
• Allows you to view real-time and historical data
  ‐ Stop problems as they’re happening
  ‐ Predict future problems
  ‐ Conduct forensics to close vulnerabilities and stop intrusions of the same type from happening again
• Allows you to decide if hardware or software needs updating
• Allows you to determine if unknown programs and/or malware are running
• Allows you to monitor and restrict user access
21.
Task Manager
• Shows programs, services, and processes currently running
• Shows network activity and resource utilization
• Right Click on the Menu Bar → Task Manager or press Ctrl + Alt + Del and Select “Start Task Manager”
Figure callouts:
  ‐ Applications: programs you interact with on the desktop
  ‐ Processes: Files (.exe) that control applications
  ‐ Services: processes that do not interact with the desktop (e.g. hardware drivers)
Source: http://superuser.com/questions/209654/whats-the-difference-between-an-application-process-and-services
22.
Task Manager – Applications Tab
• Three tasks:
  1. Close programs that are not responding
  2. Check if an unnecessary piece of software is running
  3. Find the process that is associated with certain software, so you do not shut it down when looking for illegitimate services
[Figure callout: Not Responding]
23.
Task Manager – Processes Tab
• Some processes are essential for Windows and should not be shut down
• Some malware is not visible as an application and can only be ended by shutting down associated services
• Look up processes to determine whether they are legitimate: www.processlibrary.com
Figure callouts:
  ‐ Use either of these to shut down crashed or malicious processes (Right-click)
  ‐ Click this to see processes run by the SYSTEM or other active users
24.
Task Manager – Services Tab
• List of processes running in the background
• Click the “Services” button to manage services in advanced window
25.
Monitoring Services
• Services are programs that run invisibly and automatically in the background
  ‐ E.g. Windows Defender and Windows Firewall
• Status:
  ‐ Started: Currently running
  ‐ Blank: Not running
• Startup Type (how services start when the computer is booted up):
  ‐ Automatic: Starts when computer is booted up
  ‐ Manual: Starts when prompted to by user
  ‐ Disabled: Cannot be re-enabled automatically or manually by regular users (only Admins)
26.
Disabling Services
• Two reasons to disable services:
  1. Unnecessary
    • E.g. Spotify or other programs that decrease student/worker efficiency
  2. Insecure
    • E.g. Remote Desktop Services or others that allow people to access your file systems from outside the organization’s networks
• To disable a service or otherwise change its startup type, right-click it and select “Properties”
Source: http://www.techrepublic.com/blog/10-things/10-plus-windows-7-services-you-may-not-need/
27.
Task Manager: Performance Tab
• Monitors current and past resource use
• Shows CPU usage by core
  ‐ If your computer has multiple cores, you will see multiple CPU graphs
  ‐ The more cores your computer has, the higher its processing power
Figure callouts:
  ‐ Shows the current usage of your CPU and memory out of the total available on your computer.
  ‐ Shows CPU usage over time. A high percentage indicates a program or process might not be responding. Ending that process or program should improve performance.
Source: http://windows.microsoft.com/en-us/windows/see-details-computers-performance-task-manager#1TC=windows-7
28.
Task Manager: Performance Tab (cont.)
Figure callouts:
  ‐ Displays the amount of RAM being used over time. Extremely high values could indicate hidden malware is operating on your system.
  ‐ Provides details on how RAM is being used. Cached RAM is used by system resources, available RAM is the amount immediately available for use by processes, drivers, or the OS, and free RAM is unused or does not contain useful information.
  ‐ Lists how much memory is being used by the OS as a whole. If these numbers are very high, Windows might be corrupt or there is a piece of malware that is hampering its ability to run effectively.
Source: http://windows.microsoft.com/en-us/windows/see-details-computers-performance-task-manager#1TC=windows-7
29.
Task Manager: Networking Tab
• Network connectivity problems can arise from a broken router, switch, or cable, or from the computer itself
  ‐ The Networking tab will allow you to check whether the computer is the origin of the problem
Figure callouts:
  ‐ Lists the names of your connections and tells you the percentage of your overall network that each connection is utilizing, the speed of the link, and whether or not that link is fully connected.
  ‐ Shows network performance over time. If utilization is very high, one or more programs on your computer may be eating up all of your available bandwidth. Or, if you are not currently using any programs connected to the Internet, a high number could indicate you have malware on your computer or that an intruder is accessing your computer remotely.
Source: http://www.bleepingcomputer.com/tutorials/how-to-use-the-windows-task-manager/#networking
30.
Task Manager: Users Tab
• Shows you all of the users currently logged on to the system
• Allows you to “disconnect” users
  ‐ Terminate the user’s connection without shutting down the programs they were running
• Allows you to “logoff” users
  ‐ Log the user off the computer completely and terminate any running programs
Source: http://www.bleepingcomputer.com/tutorials/how-to-use-the-windows-task-manager/#networking