SlideShare a Scribd company logo

Unit+nine+ +additional+topics+and+resources

Erdo Deshiant Garnaby
Erdo Deshiant Garnaby

+additional+topics+and+resources

Internet
1 of 19
Download to read offline
AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org UNIT NINE Additional Training Topics and Tips
AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org SECTION ONE Topics for Further Study 1
© Air Force Association • A web server stores, processes, and delivers web pages to clients using HTTP ‐ Definition and diagrams of a web server: http://www.pcmag.com/encyclopedia/te rm/54342/web-server • The leading web server software is the Apache HTTP Server ‐ Information on Apache: http://httpd.apache.org/ABOUT_APACHE .html Web Servers 2 Source: http://upload.wikimedia.org/wikipedia/commons/f/f6/SunFire-X4200.jpg
© Air Force Association • Windows operating systems typically use one of two file systems to organize data on hard discs ‐ FAT32 • Used in older operating systems such as Windows 95 and 98 ‐ NTFS • Modern file system currently used in Windows XP onward • Comparison of FAT32 and NTFS: http://windows.microsoft.com/en-us/windows-vista/comparing-ntfs- and-fat-file-systems 3 File Systems Ubuntu Tip: Linux systems use the Ext2, Ext3, or Ext4 file systems: https://help.ubuntu.com/community/LinuxFilesystemsExplained
© Air Force Association • MMC is a Windows component that allows customization and configuration of a system via GUI objects called snap-ins. • Common snap-ins include: ‐ Computer Management ‐ Group Policy Management ‐ Services ‐ Performance ‐ Event Viewer • Microsoft’s MMC guide: http://technet.microsoft.com/en-us/library/bb742442.aspx 4 Microsoft Management Console
© Air Force Association • Group Policy: Settings for groups of users and computers, including those regarding registry-based policy, security, computer startup and shutdown, and logon and logoff ‐ Details on Microsoft group policy: http://technet.microsoft.com/en- us/library/bb742376.aspx • Some useful settings may be: ‐ Not displaying last user name on login screen • How to: http://support2.microsoft.com/kb/310125 ‐ Requiring Ctrl Alt Del before signing on • How to: http://support.microsoft.com/kb/308226 5 Group Policy Source: http://blog.codinghorror.com/content/images/uploads/2005/05/6a0120a85dcdae970b012877 6fbe89970c-pi.png
© Air Force Association • Authentication protocol ‐ Authentication protocol confirms the identity of any user logging on to a domain or access network resources ‐ NTLM is a Microsoft authentication protocol: http://msdn.microsoft.com/en- us/library/windows/desktop/aa378749(v=vs.85).aspx • Password hashing ‐ Method of taking a variable-length password and creating a cryptic, fixed-length password from it ‐ Details on password hashing: http://security.blogoverflow.com/2013/09/about-secure-password- hashing/ ‐ LanMan Hash is a password hashing function of NTLM • Details on the security risk of LanMan Hash: http://www.microsoft.com/security/sir/strategy/default.aspx#!passwor d_hashes 6 NT LAN Manager (NTLM) Ubuntu Tip: Ubuntu 8.10 and later use salted SHA-512 based password hashes: https://wiki.ubuntu.com/Security/Features
© Air Force Association • The Security Account Manager (SAM) is a Windows database that stores user accounts and security descriptors for users on the local computer ‐ Information on the SAM: http://searchenterprisedesktop.techtarget.com/definition/Security-Accounts- Manager ‐ Possible security issues: https://technet.microsoft.com/en- us/library/security/ms14-016.aspx Security Account Manager (SAM) 7 Source: http://computerstepbystep.com/wpimages/wp8863e5cd_01.png
© Air Force Association • Remote connections are ways of sharing systems. • Examples: ‐ Virtual Network Computing (VNC) • VNC allows you to share and give control of your desktop to another user • VNC variants and applications: http://ipinfo.info/html/vnc_remote_control.php ‐ Remote Desktop • Similar to VNC, Remote Desktop Protocol (RDP), allows a user to control a remote system • Using RDP: http://windows.microsoft.com/en-us/windows/connect- using-remote-desktop-connection#connect-using-remote-desktop- connection=windows-7 Sharing Systems and Remote Connections 8 Source: http://blog.tmcnet.com/blog/tom- keating/images/remote-desktop-general-tab.jpg Ubuntu Tip: If using a Gnome desktop, Remote desktop is easy in Ubuntu: http://www.makeuseof.com/tag/ubuntu-remote-desktop-builtin-vnc-compatible-dead-easy/
© Air Force Association • The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to another over the Internet ‐ FTP FAQ: http://windows.microsoft.com/en-us/windows-vista/file-transfer-protocol- ftp-frequently-asked-questions • Secure File Transfer Protocol works similarly to FTP but is more secure ‐ How to use SFTP: https://www.digitalocean.com/community/tutorials/how-to-use- sftp-to-securely-transfer-files-with-a-remote-server • Trivial File Transfer Protocol (TFTP) is a simplified version of FTP ‐ Details on TFTP: http://compnetworking.about.com/od/ftpfiletransfer/g/tftp-trivial- file-transfer-protocol.htm 9 FTP, TFTP, and SFTP Source: http://www.deskshare.com/resources/articles/images/ftp-protocol.gif
© Air Force Association • The registry is a hierarchical database that stores configuration settings and options ‐ WARNING: If you do not know what you are doing, editing the registry can cause serious problems that may require you to reinstall Windows ‐ Explanation of the registry and how to make edits: http://pcsupport.about.com/od/termsr/p/ registrywindows.htm ‐ Managing remote access to the registry: http://support2.microsoft.com/kb/314837 Windows Registry 10 Source: http://www.computerhope.com/reg1.gif Ubuntu Tip: There is no registry in Ubuntu per se, but if using a GNOME desktop, dconf is similar: https://wiki.gnome.org/action/show/Projects/dconf?action=show&redirect=dconf
© Air Force Association • Like Linux, the command line in Windows allows you to enter commands without a GUI. • Sample commands are: ‐ Ipconfig is used to view or modify a computer’s IP addresses ‐ Bcedit is used to view or make changes to Boot Configuration Data ‐ Cmd starts a new instance of the command line interpreter ‐ Convert is used to change FAT32 formatted volumes to NTFS ‐ Nslookup is used to display the hostname of an entered IP address • Opening the command prompt: http://windows.microsoft.com/en- us/windows-vista/open-a-command-prompt-window • Detailed list of commands: http://pcsupport.about.com/od/commandlinereference/tp/windows-7- commands-p1.htm 11 Windows Command Prompt
© Air Force Association • TCP/IP is a set of communication protocols ‐ Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of data ‐ User Datagram Protocol (UDP) uses a simple connectionless transmission model • TCP/IP applications send data to specific ports to help computer systems understand what to do with the data that flows into them, • Examples of common ports and protocols: • Open ports can be a security risk by allowing attackers into your system ‐ Firewalls typically block unnecessary ports, but it is unwise to blindly rely on one ‐ Information on determining which ports are open and which should be closed: http://www.techrepublic.com/article/lock-it-down-develop-a-strategy-for-securing-ports-on-your-servers/ 12 Ports and Protocols Service Protocol Port FTP TCP 20, 21 TFTP UDP 69 HTTP TCP 80 HTTPS TCP 443 RDP TCP 3389
© Air Force Association • A DMZ acts as a gateway to the public internet that acts as an additional layer of security to an organizations local area network ‐ An external attacker only has direct access to equipment in the DMZ • A typical DMZ may look like the following (the unlabeled green icon in the center is a firewall): 13 Demilitarized Zone (DMZ) Source: http://en.wikipedia.org/wiki/DMZ_(computing)#mediaviewer/File:DMZ_network_diagram_1_firewall.svg
© Air Force Association • DCOM is a technology for communication among software components distributed across networked computers ‐ In depth information on DCOM: https://www.princeton.edu/~achaney/tmve/wiki100k/ docs/Distributed_Component_Object_Model.html ‐ Mitigating DCOM Vulnerabilities: http://technet.microsoft.com/en- us/library/dd632946.aspx Distributed Component Object Model (DCOM) 14
AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org SECTION TWO Tips from CyberPatriot Veterans 15
© Air Force Association • Familiarize yourself with Microsoft Windows tools and resources ‐ Microsoft SysInternals Suite Applications that help troubleshoot Windows issues and administer the operating system. ‐ Windows God Mode. Windows 7 and 8 feature that allows all Control Panel and Policy functions from one folder on the desktop. ‐ Microsoft Baseline Security Analyzer (MBSA) and Security Essentials ‐ How to Geek School contains a number of tutorial videos on securing Windows and using SysInternals tools. ‐ BleepingComputer Security Tutorials & Tools is another site with information and tools that will help. • Familiarize yourself with the Ubuntu Linux Operating System ‐ The official Ubuntu Desktop Guide is available at https://help.ubuntu.com/12.04/ubuntu-help/index.html. This will help introduce you to the operating system. ‐ Fosswire has a couple of cheat sheets. These show commands to run on a terminal / command line. • http://www.cheat-sheets.org/saved-copy/fwunixref.pdf • http://www.cheat-sheets.org/saved-copy/ubunturef.pdf • Make sure your team documents everything they do on the images • Get hands-on practice with virtual images using your MSDN account • Have students who are not “hands on” the images during competition are taking notes, doing research, and observing the students who are “hands on” • Have fun! • Ron’s presentation at the October 2014 Online Meeting: http://youtu.be/QmcYUHY8QYI Ron Woerner, CP-VI Mentor of the Year, Tips 16
© Air Force Association • Have students instruct new students as much as possible ‐ Teaching others reinforces their learning ‐ Even with the beginners, have them teach whatever they have learned to prospective Competitors during open houses; it makes them understand they are getting somewhere • Resources ‐ Research on the Internet ‐ Cannot rely only on Mentor’s knowledge – most are experts in narrow subjects ‐ The Coach and the Mentor both need to keep learning all the time ‐ Talk to IT people, computer experts, friends – Get ideas from everyone, everywhere • Practices ‐ We run two practices each week, often it is much of the same content because there is not one day when all my cadets can practice together ‐ Have a plan for what you want to accomplish for practices but be flexible ‐ Balance practice vs instruction ‐ Repetition, repetition, repetition ‐ Train on resetting the images during competition, even experienced teams will lock themselves out or crash images ‐ Train on connectivity issues – how to figure out why they are not connected to the internet / network – dhcp, etc. • Competition ‐ Read Scenario and Forensic Questions BEFORE doing anything else ‐ Plan a restart with 30 - 45 min left, it can take a long time to complete updates ‐ Middle School - lots of breaks to keep them engaged mentally ‐ Watch what snacks they have when – beware of the sugar crash Ken Steffey, CP-VI Coach of the Year, Tips 17
© Air Force Association • Make sure Coaches and Mentors know the students – Don’t force learning during unfocused times. • Find THAT KID to lead and motivate the rest of the team • Know Coach and Mentor limitations and seek out other resources when necessary. ‐ Randy Mills, CP-VI Open Division National Finalist Coach • Have your Mentor know the material better than the students. This frees up the Coach for administrative tasks and provides better support for the team. • Plan for the competition early and eliminate equipment/connectivity obstacles. • Recruit students who are motivated self-starters and try to fill out a full team roster. • Provide supplementary curriculum; the CyberPatriot training materials don’t cover everything. ‐ Joe Gombos, CP-VI All Service Division National Finalist Coach 18 Other Tips

Recommended

Unit+six+ +windows+file+protections+and+monitoring
Unit+six+ +windows+file+protections+and+monitoringUnit+six+ +windows+file+protections+and+monitoring
Unit+six+ +windows+file+protections+and+monitoringErdo Deshiant Garnaby
 
Unit+three+ +computer+basics+and+virtual+machines
Unit+three+ +computer+basics+and+virtual+machinesUnit+three+ +computer+basics+and+virtual+machines
Unit+three+ +computer+basics+and+virtual+machinesErdo Deshiant Garnaby
 
microsoft+windows+security
microsoft+windows+securitymicrosoft+windows+security
microsoft+windows+securityErdo Deshiant Garnaby
 
Unit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuUnit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuErdo Deshiant Garnaby
 
Unit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityUnit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityErdo Deshiant Garnaby
 
Ch1 2
Ch1 2Ch1 2
Ch1 2Sumit Tambe
 
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...Gene Carboni
 
The Boot Process
The Boot ProcessThe Boot Process
The Boot ProcessAmir Villas
 

Recommended

Unit+six+ +windows+file+protections+and+monitoring
Unit+six+ +windows+file+protections+and+monitoringUnit+six+ +windows+file+protections+and+monitoring
Unit+six+ +windows+file+protections+and+monitoringErdo Deshiant Garnaby
 
Unit+three+ +computer+basics+and+virtual+machines
Unit+three+ +computer+basics+and+virtual+machinesUnit+three+ +computer+basics+and+virtual+machines
Unit+three+ +computer+basics+and+virtual+machinesErdo Deshiant Garnaby
 
microsoft+windows+security
microsoft+windows+securitymicrosoft+windows+security
microsoft+windows+securityErdo Deshiant Garnaby
 
Unit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuUnit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuErdo Deshiant Garnaby
 
Unit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityUnit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityErdo Deshiant Garnaby
 
Ch1 2
Ch1 2Ch1 2
Ch1 2Sumit Tambe
 
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...
Lesson 3 - Understanding Native Applications, Tools, Mobility, and Remote Man...Gene Carboni
 
The Boot Process
The Boot ProcessThe Boot Process
The Boot ProcessAmir Villas
 
Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Gene Carboni
 
Lesson 5 - Managing Devices
Lesson 5 - Managing DevicesLesson 5 - Managing Devices
Lesson 5 - Managing DevicesGene Carboni
 
Lesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesLesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesGene Carboni
 
Working with Applications
Working with ApplicationsWorking with Applications
Working with ApplicationsAmir Villas
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsGene Carboni
 
Configuring Devices in Windows
Configuring Devices in WindowsConfiguring Devices in Windows
Configuring Devices in WindowsAmir Villas
 
Linux webmin
Linux webminLinux webmin
Linux webminSonam Sharma
 
Chapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility ProgramsChapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility Programsnorzaini
 
Week 6
Week 6Week 6
Week 6Joey Pierce
 
Installing driver
Installing driverInstalling driver
Installing driverOnline
 
Ch 20
Ch 20Ch 20
Ch 20National American University
 
Ict 5
Ict 5Ict 5
Ict 5Mudasirbaloch
 
15 maintaining & troubleshooting windows
15 maintaining & troubleshooting windows15 maintaining & troubleshooting windows
15 maintaining & troubleshooting windowshafizhanif86
 
Lesson 8 - Understanding Backup and Recovery Methods
Lesson 8 - Understanding Backup and Recovery MethodsLesson 8 - Understanding Backup and Recovery Methods
Lesson 8 - Understanding Backup and Recovery MethodsGene Carboni
 
Introduction, Installation Operating System and Application
Introduction, Installation Operating System and ApplicationIntroduction, Installation Operating System and Application
Introduction, Installation Operating System and ApplicationVichhaiy Serey
 
Lesson 7 - Maintaining, Updating, and Protecting
Lesson 7 - Maintaining, Updating, and ProtectingLesson 7 - Maintaining, Updating, and Protecting
Lesson 7 - Maintaining, Updating, and ProtectingGene Carboni
 
9781111306366 ppt ch5
9781111306366 ppt ch59781111306366 ppt ch5
9781111306366 ppt ch5Dr. Ahmed Al Zaidy
 
Ch03
Ch03Ch03
Ch03Raja Waseem Akhtar
 
HES2011 - Jon Larimer - Autorun Vulnerabilities on Linux
HES2011 - Jon Larimer - Autorun Vulnerabilities on LinuxHES2011 - Jon Larimer - Autorun Vulnerabilities on Linux
HES2011 - Jon Larimer - Autorun Vulnerabilities on LinuxHackito Ergo Sum
 
Red Hat Training
Red Hat TrainingRed Hat Training
Red Hat TrainingOpen Source Group
 
Computer Security Hacking
Computer Security HackingComputer Security Hacking
Computer Security HackingErdo Deshiant Garnaby
 
introduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityintroduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityErdo Deshiant Garnaby
 

More Related Content

What's hot

Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Gene Carboni
 
Lesson 5 - Managing Devices
Lesson 5 - Managing DevicesLesson 5 - Managing Devices
Lesson 5 - Managing DevicesGene Carboni
 
Lesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesLesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesGene Carboni
 
Working with Applications
Working with ApplicationsWorking with Applications
Working with ApplicationsAmir Villas
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsGene Carboni
 
Configuring Devices in Windows
Configuring Devices in WindowsConfiguring Devices in Windows
Configuring Devices in WindowsAmir Villas
 
Chapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility ProgramsChapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility Programsnorzaini
 
Installing driver
Installing driverInstalling driver
Installing driverOnline
 
15 maintaining & troubleshooting windows
15 maintaining & troubleshooting windows15 maintaining & troubleshooting windows
15 maintaining & troubleshooting windowshafizhanif86
 
Lesson 8 - Understanding Backup and Recovery Methods
Lesson 8 - Understanding Backup and Recovery MethodsLesson 8 - Understanding Backup and Recovery Methods
Lesson 8 - Understanding Backup and Recovery MethodsGene Carboni
 
Introduction, Installation Operating System and Application
Introduction, Installation Operating System and ApplicationIntroduction, Installation Operating System and Application
Introduction, Installation Operating System and ApplicationVichhaiy Serey
 
Lesson 7 - Maintaining, Updating, and Protecting
Lesson 7 - Maintaining, Updating, and ProtectingLesson 7 - Maintaining, Updating, and Protecting
Lesson 7 - Maintaining, Updating, and ProtectingGene Carboni
 
HES2011 - Jon Larimer - Autorun Vulnerabilities on Linux
HES2011 - Jon Larimer - Autorun Vulnerabilities on LinuxHES2011 - Jon Larimer - Autorun Vulnerabilities on Linux
HES2011 - Jon Larimer - Autorun Vulnerabilities on LinuxHackito Ergo Sum
 

What's hot (20)

Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7Lesson 1 - Introducing, Installing, and Upgrading Windows 7
Lesson 1 - Introducing, Installing, and Upgrading Windows 7
 
Lesson 5 - Managing Devices
Lesson 5 - Managing DevicesLesson 5 - Managing Devices
Lesson 5 - Managing Devices
 
Lesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and LibrariesLesson 4 - Managing Applications, Services, Folders, and Libraries
Lesson 4 - Managing Applications, Services, Folders, and Libraries
 
Working with Applications
Working with ApplicationsWorking with Applications
Working with Applications
 
Lesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System ConfigurationsLesson 2 - Understanding Operating System Configurations
Lesson 2 - Understanding Operating System Configurations
 
Configuring Devices in Windows
Configuring Devices in WindowsConfiguring Devices in Windows
Configuring Devices in Windows
 
Linux webmin
Linux webminLinux webmin
Linux webmin
 
Chapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility ProgramsChapter 8 Operating Systems And Utility Programs
Chapter 8 Operating Systems And Utility Programs
 
Week 6
Week 6Week 6
Week 6
 
Installing driver
Installing driverInstalling driver
Installing driver
 
Ch 20
Ch 20Ch 20
Ch 20
 
Ict 5
Ict 5Ict 5
Ict 5
 
15 maintaining & troubleshooting windows
15 maintaining & troubleshooting windows15 maintaining & troubleshooting windows
15 maintaining & troubleshooting windows
 
Lesson 8 - Understanding Backup and Recovery Methods
Lesson 8 - Understanding Backup and Recovery MethodsLesson 8 - Understanding Backup and Recovery Methods
Lesson 8 - Understanding Backup and Recovery Methods
 
Introduction, Installation Operating System and Application
Introduction, Installation Operating System and ApplicationIntroduction, Installation Operating System and Application
Introduction, Installation Operating System and Application
 
Lesson 7 - Maintaining, Updating, and Protecting
Lesson 7 - Maintaining, Updating, and ProtectingLesson 7 - Maintaining, Updating, and Protecting
Lesson 7 - Maintaining, Updating, and Protecting
 
9781111306366 ppt ch5
9781111306366 ppt ch59781111306366 ppt ch5
9781111306366 ppt ch5
 
Ch03
Ch03Ch03
Ch03
 
HES2011 - Jon Larimer - Autorun Vulnerabilities on Linux
HES2011 - Jon Larimer - Autorun Vulnerabilities on LinuxHES2011 - Jon Larimer - Autorun Vulnerabilities on Linux
HES2011 - Jon Larimer - Autorun Vulnerabilities on Linux
 
Red Hat Training
Red Hat TrainingRed Hat Training
Red Hat Training
 

Viewers also liked

introduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityintroduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityErdo Deshiant Garnaby
 
Unit+two+ +cyber+ethics+and+online+safety
Unit+two+ +cyber+ethics+and+online+safetyUnit+two+ +cyber+ethics+and+online+safety
Unit+two+ +cyber+ethics+and+online+safetyErdo Deshiant Garnaby
 
Unit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuUnit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuErdo Deshiant Garnaby
 
Unit+four+ +principles+of+cybersecurity
Unit+four+ +principles+of+cybersecurityUnit+four+ +principles+of+cybersecurity
Unit+four+ +principles+of+cybersecurityErdo Deshiant Garnaby
 

Viewers also liked (7)

Computer Security Hacking
Computer Security HackingComputer Security Hacking
Computer Security Hacking
 
introduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityintroduction to cyber patriot and cyber security
introduction to cyber patriot and cyber security
 
Unit+two+ +cyber+ethics+and+online+safety
Unit+two+ +cyber+ethics+and+online+safetyUnit+two+ +cyber+ethics+and+online+safety
Unit+two+ +cyber+ethics+and+online+safety
 
Unit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+securityUnit+eight+ +ubuntu+security
Unit+eight+ +ubuntu+security
 
Unit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntuUnit+seven+ +introduction+to+linux+and+ubuntu
Unit+seven+ +introduction+to+linux+and+ubuntu
 
Cyber Ethics
Cyber EthicsCyber Ethics
Cyber Ethics
 
Unit+four+ +principles+of+cybersecurity
Unit+four+ +principles+of+cybersecurityUnit+four+ +principles+of+cybersecurity
Unit+four+ +principles+of+cybersecurity
 

Similar to Unit+nine+ +additional+topics+and+resources

It04 roshan basnet
It04 roshan basnetIt04 roshan basnet
It04 roshan basnetrosu555
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1solarisyougood
 
Understanding Computers: Today and Tomorrow, 13th Edition Chapter 5 - System ...
Understanding Computers: Today and Tomorrow, 13th Edition Chapter 5 - System ...Understanding Computers: Today and Tomorrow, 13th Edition Chapter 5 - System ...
Understanding Computers: Today and Tomorrow, 13th Edition Chapter 5 - System ...yaminohime
 
Lec9chap8f04
Lec9chap8f04Lec9chap8f04
Lec9chap8f04screaminc
 
Windows Debugging Tools - JavaOne 2013
Windows Debugging Tools - JavaOne 2013Windows Debugging Tools - JavaOne 2013
Windows Debugging Tools - JavaOne 2013MattKilner
 
Chromium os architecture report
Chromium os architecture reportChromium os architecture report
Chromium os architecture reportAmr Abd El Latief
 
DOS Operating System
DOS Operating SystemDOS Operating System
DOS Operating SystemAnjan Mahanta
 
Software update for embedded systems
Software update for embedded systemsSoftware update for embedded systems
Software update for embedded systemsSZ Lin
 
Project ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN
 
Web Servers, Browsers, Server - Browser Interaction, Web Surfing
Web Servers, Browsers, Server - Browser Interaction, Web SurfingWeb Servers, Browsers, Server - Browser Interaction, Web Surfing
Web Servers, Browsers, Server - Browser Interaction, Web Surfingwebhostingguy
 
Session 9 Tp 9
Session 9 Tp 9Session 9 Tp 9
Session 9 Tp 9githe26200
 
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)David Sweigert
 
Design and Development of ARM9 Based Embedded Web Server
Design and Development of ARM9 Based Embedded Web ServerDesign and Development of ARM9 Based Embedded Web Server
Design and Development of ARM9 Based Embedded Web ServerIJERA Editor
 
Research Assignment For Active Directory
Research Assignment For Active DirectoryResearch Assignment For Active Directory
Research Assignment For Active DirectoryJessica Myers
 

Similar to Unit+nine+ +additional+topics+and+resources (20)

It04 roshan basnet
It04 roshan basnetIt04 roshan basnet
It04 roshan basnet
 
IBM Notes in the Cloud
IBM Notes in the CloudIBM Notes in the Cloud
IBM Notes in the Cloud
 
Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1Microsoft System center Configuration manager 2012 sp1
Microsoft System center Configuration manager 2012 sp1
 
Understanding Computers: Today and Tomorrow, 13th Edition Chapter 5 - System ...
Understanding Computers: Today and Tomorrow, 13th Edition Chapter 5 - System ...Understanding Computers: Today and Tomorrow, 13th Edition Chapter 5 - System ...
Understanding Computers: Today and Tomorrow, 13th Edition Chapter 5 - System ...
 
Lec9chap8f04
Lec9chap8f04Lec9chap8f04
Lec9chap8f04
 
Windows Debugging Tools - JavaOne 2013
Windows Debugging Tools - JavaOne 2013Windows Debugging Tools - JavaOne 2013
Windows Debugging Tools - JavaOne 2013
 
Chromium os architecture report
Chromium os architecture reportChromium os architecture report
Chromium os architecture report
 
DOS Operating System
DOS Operating SystemDOS Operating System
DOS Operating System
 
O.s. lab all_experimets
O.s. lab all_experimetsO.s. lab all_experimets
O.s. lab all_experimets
 
Software update for embedded systems
Software update for embedded systemsSoftware update for embedded systems
Software update for embedded systems
 
os.ppt
os.pptos.ppt
os.ppt
 
Project ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN CSE Virtualization
Project ACRN CSE Virtualization
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
File000148
File000148File000148
File000148
 
Web Servers, Browsers, Server - Browser Interaction, Web Surfing
Web Servers, Browsers, Server - Browser Interaction, Web SurfingWeb Servers, Browsers, Server - Browser Interaction, Web Surfing
Web Servers, Browsers, Server - Browser Interaction, Web Surfing
 
Session 9 Tp 9
Session 9 Tp 9Session 9 Tp 9
Session 9 Tp 9
 
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
Study notes for CompTIA Certified Advanced Security Practitioner (ver2)
 
Design and Development of ARM9 Based Embedded Web Server
Design and Development of ARM9 Based Embedded Web ServerDesign and Development of ARM9 Based Embedded Web Server
Design and Development of ARM9 Based Embedded Web Server
 
02 intro
02 intro02 intro
02 intro
 
Research Assignment For Active Directory
Research Assignment For Active DirectoryResearch Assignment For Active Directory
Research Assignment For Active Directory
 

Recently uploaded

Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Standkumarajju5765
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...tanu pandey
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 

Recently uploaded (20)

Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night StandHot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
Hot Call Girls |Delhi |Hauz Khas ☎ 9711199171 Book Your One night Stand
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girls
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 

Unit+nine+ +additional+topics+and+resources

  • 1. AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org UNIT NINE Additional Training Topics and Tips
  • 2. AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org SECTION ONE Topics for Further Study 1
  • 3. © Air Force Association • A web server stores, processes, and delivers web pages to clients using HTTP ‐ Definition and diagrams of a web server: http://www.pcmag.com/encyclopedia/te rm/54342/web-server • The leading web server software is the Apache HTTP Server ‐ Information on Apache: http://httpd.apache.org/ABOUT_APACHE .html Web Servers 2 Source: http://upload.wikimedia.org/wikipedia/commons/f/f6/SunFire-X4200.jpg
  • 4. © Air Force Association • Windows operating systems typically use one of two file systems to organize data on hard discs ‐ FAT32 • Used in older operating systems such as Windows 95 and 98 ‐ NTFS • Modern file system currently used in Windows XP onward • Comparison of FAT32 and NTFS: http://windows.microsoft.com/en-us/windows-vista/comparing-ntfs- and-fat-file-systems 3 File Systems Ubuntu Tip: Linux systems use the Ext2, Ext3, or Ext4 file systems: https://help.ubuntu.com/community/LinuxFilesystemsExplained
  • 5. © Air Force Association • MMC is a Windows component that allows customization and configuration of a system via GUI objects called snap-ins. • Common snap-ins include: ‐ Computer Management ‐ Group Policy Management ‐ Services ‐ Performance ‐ Event Viewer • Microsoft’s MMC guide: http://technet.microsoft.com/en-us/library/bb742442.aspx 4 Microsoft Management Console
  • 6. © Air Force Association • Group Policy: Settings for groups of users and computers, including those regarding registry-based policy, security, computer startup and shutdown, and logon and logoff ‐ Details on Microsoft group policy: http://technet.microsoft.com/en- us/library/bb742376.aspx • Some useful settings may be: ‐ Not displaying last user name on login screen • How to: http://support2.microsoft.com/kb/310125 ‐ Requiring Ctrl Alt Del before signing on • How to: http://support.microsoft.com/kb/308226 5 Group Policy Source: http://blog.codinghorror.com/content/images/uploads/2005/05/6a0120a85dcdae970b012877 6fbe89970c-pi.png
  • 7. © Air Force Association • Authentication protocol ‐ Authentication protocol confirms the identity of any user logging on to a domain or access network resources ‐ NTLM is a Microsoft authentication protocol: http://msdn.microsoft.com/en- us/library/windows/desktop/aa378749(v=vs.85).aspx • Password hashing ‐ Method of taking a variable-length password and creating a cryptic, fixed-length password from it ‐ Details on password hashing: http://security.blogoverflow.com/2013/09/about-secure-password- hashing/ ‐ LanMan Hash is a password hashing function of NTLM • Details on the security risk of LanMan Hash: http://www.microsoft.com/security/sir/strategy/default.aspx#!passwor d_hashes 6 NT LAN Manager (NTLM) Ubuntu Tip: Ubuntu 8.10 and later use salted SHA-512 based password hashes: https://wiki.ubuntu.com/Security/Features
  • 8. © Air Force Association • The Security Account Manager (SAM) is a Windows database that stores user accounts and security descriptors for users on the local computer ‐ Information on the SAM: http://searchenterprisedesktop.techtarget.com/definition/Security-Accounts- Manager ‐ Possible security issues: https://technet.microsoft.com/en- us/library/security/ms14-016.aspx Security Account Manager (SAM) 7 Source: http://computerstepbystep.com/wpimages/wp8863e5cd_01.png
  • 9. © Air Force Association • Remote connections are ways of sharing systems. • Examples: ‐ Virtual Network Computing (VNC) • VNC allows you to share and give control of your desktop to another user • VNC variants and applications: http://ipinfo.info/html/vnc_remote_control.php ‐ Remote Desktop • Similar to VNC, Remote Desktop Protocol (RDP), allows a user to control a remote system • Using RDP: http://windows.microsoft.com/en-us/windows/connect- using-remote-desktop-connection#connect-using-remote-desktop- connection=windows-7 Sharing Systems and Remote Connections 8 Source: http://blog.tmcnet.com/blog/tom- keating/images/remote-desktop-general-tab.jpg Ubuntu Tip: If using a Gnome desktop, Remote desktop is easy in Ubuntu: http://www.makeuseof.com/tag/ubuntu-remote-desktop-builtin-vnc-compatible-dead-easy/
  • 10. © Air Force Association • The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to another over the Internet ‐ FTP FAQ: http://windows.microsoft.com/en-us/windows-vista/file-transfer-protocol- ftp-frequently-asked-questions • Secure File Transfer Protocol works similarly to FTP but is more secure ‐ How to use SFTP: https://www.digitalocean.com/community/tutorials/how-to-use- sftp-to-securely-transfer-files-with-a-remote-server • Trivial File Transfer Protocol (TFTP) is a simplified version of FTP ‐ Details on TFTP: http://compnetworking.about.com/od/ftpfiletransfer/g/tftp-trivial- file-transfer-protocol.htm 9 FTP, TFTP, and SFTP Source: http://www.deskshare.com/resources/articles/images/ftp-protocol.gif
  • 11. © Air Force Association • The registry is a hierarchical database that stores configuration settings and options ‐ WARNING: If you do not know what you are doing, editing the registry can cause serious problems that may require you to reinstall Windows ‐ Explanation of the registry and how to make edits: http://pcsupport.about.com/od/termsr/p/ registrywindows.htm ‐ Managing remote access to the registry: http://support2.microsoft.com/kb/314837 Windows Registry 10 Source: http://www.computerhope.com/reg1.gif Ubuntu Tip: There is no registry in Ubuntu per se, but if using a GNOME desktop, dconf is similar: https://wiki.gnome.org/action/show/Projects/dconf?action=show&redirect=dconf
  • 12. © Air Force Association • Like Linux, the command line in Windows allows you to enter commands without a GUI. • Sample commands are: ‐ Ipconfig is used to view or modify a computer’s IP addresses ‐ Bcedit is used to view or make changes to Boot Configuration Data ‐ Cmd starts a new instance of the command line interpreter ‐ Convert is used to change FAT32 formatted volumes to NTFS ‐ Nslookup is used to display the hostname of an entered IP address • Opening the command prompt: http://windows.microsoft.com/en- us/windows-vista/open-a-command-prompt-window • Detailed list of commands: http://pcsupport.about.com/od/commandlinereference/tp/windows-7- commands-p1.htm 11 Windows Command Prompt
  • 13. © Air Force Association • TCP/IP is a set of communication protocols ‐ Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of data ‐ User Datagram Protocol (UDP) uses a simple connectionless transmission model • TCP/IP applications send data to specific ports to help computer systems understand what to do with the data that flows into them, • Examples of common ports and protocols: • Open ports can be a security risk by allowing attackers into your system ‐ Firewalls typically block unnecessary ports, but it is unwise to blindly rely on one ‐ Information on determining which ports are open and which should be closed: http://www.techrepublic.com/article/lock-it-down-develop-a-strategy-for-securing-ports-on-your-servers/ 12 Ports and Protocols Service Protocol Port FTP TCP 20, 21 TFTP UDP 69 HTTP TCP 80 HTTPS TCP 443 RDP TCP 3389
  • 14. © Air Force Association • A DMZ acts as a gateway to the public internet that acts as an additional layer of security to an organizations local area network ‐ An external attacker only has direct access to equipment in the DMZ • A typical DMZ may look like the following (the unlabeled green icon in the center is a firewall): 13 Demilitarized Zone (DMZ) Source: http://en.wikipedia.org/wiki/DMZ_(computing)#mediaviewer/File:DMZ_network_diagram_1_firewall.svg
  • 15. © Air Force Association • DCOM is a technology for communication among software components distributed across networked computers ‐ In depth information on DCOM: https://www.princeton.edu/~achaney/tmve/wiki100k/ docs/Distributed_Component_Object_Model.html ‐ Mitigating DCOM Vulnerabilities: http://technet.microsoft.com/en- us/library/dd632946.aspx Distributed Component Object Model (DCOM) 14
  • 16. AIR FORCE ASSOCIATION’S NATIONAL YOUTH CYBER EDUCATION PROGRAM CYBERPATRIOT www.uscyberpatriot.org SECTION TWO Tips from CyberPatriot Veterans 15
  • 17. © Air Force Association • Familiarize yourself with Microsoft Windows tools and resources ‐ Microsoft SysInternals Suite Applications that help troubleshoot Windows issues and administer the operating system. ‐ Windows God Mode. Windows 7 and 8 feature that allows all Control Panel and Policy functions from one folder on the desktop. ‐ Microsoft Baseline Security Analyzer (MBSA) and Security Essentials ‐ How to Geek School contains a number of tutorial videos on securing Windows and using SysInternals tools. ‐ BleepingComputer Security Tutorials & Tools is another site with information and tools that will help. • Familiarize yourself with the Ubuntu Linux Operating System ‐ The official Ubuntu Desktop Guide is available at https://help.ubuntu.com/12.04/ubuntu-help/index.html. This will help introduce you to the operating system. ‐ Fosswire has a couple of cheat sheets. These show commands to run on a terminal / command line. • http://www.cheat-sheets.org/saved-copy/fwunixref.pdf • http://www.cheat-sheets.org/saved-copy/ubunturef.pdf • Make sure your team documents everything they do on the images • Get hands-on practice with virtual images using your MSDN account • Have students who are not “hands on” the images during competition are taking notes, doing research, and observing the students who are “hands on” • Have fun! • Ron’s presentation at the October 2014 Online Meeting: http://youtu.be/QmcYUHY8QYI Ron Woerner, CP-VI Mentor of the Year, Tips 16
  • 18. © Air Force Association • Have students instruct new students as much as possible ‐ Teaching others reinforces their learning ‐ Even with the beginners, have them teach whatever they have learned to prospective Competitors during open houses; it makes them understand they are getting somewhere • Resources ‐ Research on the Internet ‐ Cannot rely only on Mentor’s knowledge – most are experts in narrow subjects ‐ The Coach and the Mentor both need to keep learning all the time ‐ Talk to IT people, computer experts, friends – Get ideas from everyone, everywhere • Practices ‐ We run two practices each week, often it is much of the same content because there is not one day when all my cadets can practice together ‐ Have a plan for what you want to accomplish for practices but be flexible ‐ Balance practice vs instruction ‐ Repetition, repetition, repetition ‐ Train on resetting the images during competition, even experienced teams will lock themselves out or crash images ‐ Train on connectivity issues – how to figure out why they are not connected to the internet / network – dhcp, etc. • Competition ‐ Read Scenario and Forensic Questions BEFORE doing anything else ‐ Plan a restart with 30 - 45 min left, it can take a long time to complete updates ‐ Middle School - lots of breaks to keep them engaged mentally ‐ Watch what snacks they have when – beware of the sugar crash Ken Steffey, CP-VI Coach of the Year, Tips 17
  • 19. © Air Force Association • Make sure Coaches and Mentors know the students – Don’t force learning during unfocused times. • Find THAT KID to lead and motivate the rest of the team • Know Coach and Mentor limitations and seek out other resources when necessary. ‐ Randy Mills, CP-VI Open Division National Finalist Coach • Have your Mentor know the material better than the students. This frees up the Coach for administrative tasks and provides better support for the team. • Plan for the competition early and eliminate equipment/connectivity obstacles. • Recruit students who are motivated self-starters and try to fill out a full team roster. • Provide supplementary curriculum; the CyberPatriot training materials don’t cover everything. ‐ Joe Gombos, CP-VI All Service Division National Finalist Coach 18 Other Tips